A wave of coordinated cyberattacks has struck some of Australia’s largest pension funds, compromising over 20,000 member accounts and resulting in substantial financial losses, including a reported theft of A$500,000 from four individuals.
According to a source familiar with the matter, hackers reportedly targeted multiple funds, including AustralianSuper, Australian Retirement Trust, Rest, Insignia, and Hostplus—some of the country’s biggest retirement savings institutions, managing a combined total of over A$873 billion.
AustralianSuper, which manages A$365 billion for 3.5 million members, confirmed that hackers accessed around 600 member accounts using stolen login credentials.
“We took immediate action to lock these accounts and notified affected members,” said Chief Member Officer Rose Kerlin, urging all users to check their online balances.
Rest Super reported the largest number of compromised accounts—about 20,000, or 1% of its 2 million members. CEO Vicki Doyle said the fund shut down its Member Access portal and activated cyber incident response protocols after detecting unauthorized activity over the weekend of March 29–30.
Both Australian Retirement Trust and Insignia Financial confirmed detecting suspicious login attempts. Although neither fund reported financial losses at this stage, both locked affected accounts as a precaution.
Hostplus said no member funds had been lost, but investigations were ongoing.
National Cyber Security Coordinator Michelle McGuinness said a whole-of-government response is underway, involving regulators and industry stakeholders. Prime Minister Anthony Albanese acknowledged the growing threat, noting that cyberattacks now occur “every six minutes” in Australia. Treasurer Jim Chalmers called the situation “very concerning,” while opposition cybersecurity spokesperson James Paterson urged funds to compensate affected members.
The pension fund breaches come in the wake of other major cyber incidents involving Medibank, Optus, and St Vincent’s Health. In response, the federal government last year pledged A$587 million to a seven-year national cybersecurity strategy.
ALSO READ TOP STORIES FROM VERILY NEWS
