Australian pension funds hit by cyber attack affecting thousands

Several major Australian pension funds have been targeted in a coordinated cyber attack that potentially compromised personal data of thousands of members. Cyber criminals managed to steal A$500,000 (approximately €305,000) from members’ accounts, highlighting growing concerns about the security of retirement savings across the financial sector.

The country’s largest pension fund, AustralianSuper, confirmed on Friday that hackers may have used up to 600 members’ stolen passwords over the past week to commit fraud. In an attempt to reassure its members, the A$365 billion fund stated that savings remain secure, even if accounts currently display zero balances.

According to a person familiar with the matter, criminals successfully stole A$500,000 from four AustralianSuper accounts, Bloomberg reports. The unauthorized access has triggered immediate security responses across multiple pension funds impacted by the breach.

Multiple funds under attack

The attack appears to be widespread across Australia’s pension sector. Rest, which manages A$93 billion in assets, experienced unauthorized activity on its online member portal last weekend affecting approximately 8,000 members. Similarly, Australian Retirement Trust, the country’s second-largest fund, and Insignia Financial reported suspicious activities on their platforms.

“We responded immediately by shutting down the member access portal, undertaking investigations and launching our cyber security incident response protocols,” said Rest CEO Vicki Doyle, who emphasized that no member funds were transferred during the incident.

Pension funds are attractive targets for cybercriminals, and attacks on them occasionally become high-profile incidents. In 2023, the UK’s Pension Protection Fund was hit by hackers who gained access to employee data through a vulnerability in a third-party data transfer service. While that attack didn’t compromise member data, it underscored the growing threat to all financial institutions.

Coordinated response

AustralianSuper reported detecting a spike in suspicious activity across its member portal and mobile app over the past week. The fund urged members to take protective measures while working closely with the National Office of Cyber Security, regulators and other authorities.

National Cyber Security Coordinator Lieutenant General Michelle McGuinness stated: “I am coordinating engagement across the Australian government, including with the financial system regulators, and with industry stakeholders to provide cyber security advice.” The Association of Superannuation Funds of Australia confirmed that affected funds are contacting all impacted members and assisting those whose data has been compromised.

We’re likely to see more reports of incidents such as these in the future, as the attack surface widens day by day and attackers become more capable of launching vast campaigns. Last year saw a 30 percent increase in cyber attacks globally, with financial institutions remaining prime targets due to the sensitive data and large sums of money they manage.

Industry on high alert

The Australian pension industry had been warned about potential cyber threats before the attack. Last year, the industry regulator wrote to pension funds, banks and insurers, stating that cyber resilience was a “supervision priority.” Many superannuation funds had been conducting scenario testing in anticipation of such threats.

Cybersecurity experts increasingly recommend that organizations implement proactive security measures rather than just focusing on recovery after an attack. Solutions like those offered by security companies focus on detecting and responding to active threats before they can cause significant damage, as seen in recent innovations that aim to prevent attacks instead of just recovering from them.

As cyber criminals continue to target financial institutions worldwide, the incident in Australia serves as a stark reminder of the importance of robust security protocols, especially for organizations managing retirement funds for millions of people.