In a series of coordinated attacks, tackers targeting Australia’s major pension funds have stolen savings from some members at the biggest fund, according to a source with knowledge of the matter, and compromised more than 20,000 accounts.
National Cyber Security Coordinator Michelle McGuinness said in a statement that she was aware of “cybercriminals” targeting accounts in the country’s A$4.2 trillion (US$2.61 trillion) retirement savings sector and was organizing a response across the government, regulators and industry.
It was still unclear how many pension funds and members were affected.
AustralianSuper, the nation’s largest fund managing A$365 billion for 3.5 million members, confirmed that up to 600 member passwords had been stolen to access accounts and commit fraud.
“We took immediate action to lock these accounts and let those members know,” AustralianSuper’s Chief Member Officer Rose Kerlin said, urging all members to check their online balances.
Four AustralianSuper members had a combined A$500,000 drained from their balances and transferred to other accounts that did not belong to them, according to the source, who was not authorized to speak publicly about the matter.
AustralianSuper did not respond immediately to a request for comment.
Australian Retirement Trust, the second-largest fund managing A$300 billion for 2.4 million members, said it had detected “unusual login activity” affecting “several hundreds” of accounts.
It locked impacted accounts as a precaution, though there were no suspicious transactions or changes made, it said.
Rest Super, the default industry pension fund for retail workers, with A$93 billion of assets under management, said it suffered an attack that affected about 20,000 accounts, or about 1 percent of its 2 million members.
“Over the weekend of 29 to 30 March 2025, Rest became aware of some unauthorized activity on our online Member Access portal,” Rest chief executive officer Vicki Doyle said.
“We responded immediately by shutting down the Member Access portal, undertaking investigations and launching our cybersecurity incident response protocols,” she said.
Insignia Financial, which manages A$327 billion, said that a “malicious third-party” attempted to access online pension accounts on its Insignia Financial Expand platform.
There had been no financial impact at this stage to members, an Insignia spokesperson said.
Hostplus, which has more than 1.8 million members and A$115 billion under management, also confirmed it suffered an attack.
A spokesperson said no member losses had occurred, but that it was still investigating the extent of the incident.
Australian Prime Minister Anthony Albanese said he had been briefed about the hacks and said there would be a “considered” response from government agencies in time.
He added that such attacks were a “regular issue” in Australia, with one occurring every six minutes.
Australia’s largest not-for-profit hospital and aged care provider St Vincent’s Health, private health insurer Medibank and telecom Optus have all suffered major breaches.
The Australian government in 2023 committed A$587 million to fund a seven-year strategy to improve the cybersecurity of the nation’s citizens, businesses and agencies.
A fire caused by a burst gas pipe yesterday spread to several homes and sent a fireball soaring into the sky outside Malaysia’s largest city, injuring more than 100 people. The towering inferno near a gas station in Putra Heights outside Kuala Lumpur was visible for kilometers and lasted for several hours. It happened during a public holiday as Muslims, who are the majority in Malaysia, celebrate the second day of Eid al-Fitr. National oil company Petronas said the fire started at one of its gas pipelines at 8:10am and the affected pipeline was later isolated. Disaster management officials said shutting the
US Vice President J.D. Vance on Friday accused Denmark of not having done enough to protect Greenland, when he visited the strategically placed and resource-rich Danish territory coveted by US President Donald Trump. Vance made his comment during a trip to the Pituffik Space Base in northwestern Greenland, a visit viewed by Copenhagen and Nuuk as a provocation. “Our message to Denmark is very simple: You have not done a good job by the people of Greenland,” Vance told a news conference. “You have under-invested in the people of Greenland, and you have under-invested in the security architecture of this
UNREST: The authorities in Turkey arrested 13 Turkish journalists in five days, deported a BBC correspondent and on Thursday arrested a reporter from Sweden Waving flags and chanting slogans, many hundreds of thousands of anti-government demonstrators on Saturday rallied in Istanbul, Turkey, in defence of democracy after the arrest of Istanbul Mayor Ekrem Imamoglu which sparked Turkey’s worst street unrest in more than a decade. Under a cloudless blue sky, vast crowds gathered in Maltepe on the Asian side of Turkey’s biggest city on the eve of the Eid al-Fitr celebration which started yesterday, marking the end of Ramadan. Ozgur Ozel, chairman of the main opposition Republican People’s Party (CHP), which organized the rally, said there were 2.2 million people in the crowd, but
JOINT EFFORTS: The three countries have been strengthening an alliance and pressing efforts to bolster deterrence against Beijing’s assertiveness in the South China Sea The US, Japan and the Philippines on Friday staged joint naval drills to boost crisis readiness off a disputed South China Sea shoal as a Chinese military ship kept watch from a distance. The Chinese frigate attempted to get closer to the waters, where the warships and aircraft from the three allied countries were undertaking maneuvers off the Scarborough Shoal — also known as Huangyan Island (黃岩島) and claimed by Taiwan and China — in an unsettling moment but it was warned by a Philippine frigate by radio and kept away. “There was a time when they attempted to maneuver
RSS