In this guide
Super funds hit by cyber attack
Australian super funds have been urged to step up their cybersecurity after several large funds, including AustralianSuper, Australian Retirement Trust (ART), Insignia Financial, Hostplus and REST experienced a cyber attack in late March and early April.
AustralianSuper reported a spike in suspicious activity in around 600 member accounts. Some members were defrauded of tens of thousands of dollars.
"Keeping members’ money and data safe is our highest priority and we have taken immediate steps to safeguard members’ accounts," AustralianSuper said in a statement following the attack.
"We have now thoroughly investigated the incidents in which we’ve identified that money was transacted out of a member’s account and all of those are being remediated. Remediations will be made from fund reserves. We are deeply sorry about the distress caused by this criminal attack, and we are working with affected members to help protect their accounts," the fund added.
It also expects two-factor authentication on internet logins to be live in about a month.
Members seeking to access their online accounts had some difficulty immediately following the revelation that there had been a cyber-attack, as websites were hit with high traffic.
ART said it could confirm its digital security system identified unusual login activity and that impacted accounts were locked as a precaution, and members and regulators were notified.
"We have not identified any suspicious transactions or modifications regarding these accounts," ART said in a statement.
The Association of Superannuation Funds of Australia (ASFA) also sought to reassure fund members.
