04 April 2025

Major Cyberattack Hits Australian Superannuation Funds

Four members lose half a million dollars amid coordinated breach affecting thousands

A major data breach has reportedly impacted a number of major superannuation funds in Australia, with at least four members losing a total of half a million dollars in retirement funds after criminals accessed their accounts.

According to 7NEWS.com.au, the superannuation funds' systems have not been compromised, but emails and passwords of members from the Australian Retirement Trust, AustralianSuper, and Hostplus were confirmed to be affected by the attack. The Association of Superannuation Funds of Australia (ASFA) stated that the breach occurred last weekend, around March 29-30, 2025, when hackers attempted to penetrate the cyber defenses of several superannuation funds.

ASFA emphasized that while most attempts were thwarted, some members were affected. AustralianSuper reported that 600 of its members were impacted, with four members losing a total of $500,000 in retirement savings as a result of the cyberattack. The stolen funds were funneled into bank accounts that did not belong to the members.

Rest, another superannuation fund, stated that about 8,000 of its members were impacted, but confirmed that no money had left their superannuation accounts. Hundreds of members from the Australian Retirement Trust were also affected, according to reports.

AustralianSuper's Chief Member Officer Rose Kerlin said in a statement that the fund observed a spike in suspicious activity across its member portal and mobile app over the past week. “We are urging members to take steps to protect themselves online,” Kerlin stated. “This week we identified that cyber criminals may have used up to 600 members’ passwords to log into their accounts in attempts to commit fraud.”

Rest’s CEO Vicki Doyle expressed concern over the situation, noting that the fund first became aware of unauthorized activity on its online Member Access portal. Although the portal was immediately shut down, the Rest app remained available for most members. “Due to our incident response protocols, the impact has been limited to less than 1 percent of our members. Nevertheless, this will be very concerning for the members who have been impacted, and we are very sorry this has happened,” Doyle said.

Hostplus confirmed that it was actively investigating the situation to determine the facts and extent of any impact on its members. A spokesperson stated that while the investigation remains ongoing, no member losses have occurred. “Our top priority is the security and privacy of our members and their accounts, and we are taking all necessary measures to protect our systems and data,” the spokesperson said.

The Australian Retirement Trust confirmed that it was impacted by the attack, but its systems successfully clamped down on suspicious activity. “We can confirm our digital security system identified unusual login activity and that impacted accounts were locked as a precaution. We have not identified any suspicious transactions or modifications regarding these accounts,” an ART spokesperson told 7NEWS.com.au.

In light of the cyberattack, the ASFA has stressed that superannuation funds and their service providers have robust cyber protections in place. They are also working to enhance system-wide defenses through initiatives like the ASFA Financial Crime Protection Initiative (FCPI). This includes establishing a hotline between the superannuation sector, government agencies, and related financial services bodies when issues arise.

Prime Minister Anthony Albanese has been briefed on the attacks and stated that such incidents are a regular issue in Australia, with one occurring every six minutes. He emphasized the need for a coordinated response across government, regulators, and industry to combat these cyber threats.

While the majority of the attempts to breach Australian super funds’ cybersecurity measures were repelled, some members have been affected. The ASFA has assured retirement savers that their funds are working diligently to contact affected members and provide assistance.

As investigations continue, superannuation funds are urging their members to check their accounts for signs of fraud, ensure their banking and contact details are correct, and change their passwords if they are not unique to their accounts. The funds are contacting all affected members to inform them of the situation and assist those whose data has been compromised.

In summary, the cyberattack has raised significant concerns about the security of retirement savings in Australia. With the superannuation sector managing a staggering A$4.2 trillion ($2.63 trillion), the implications of such breaches could be far-reaching, emphasizing the need for heightened cybersecurity measures and vigilance among members.