Australia’s largest superannuation fund has confirmed all members who had funds stolen during the recent cyber fraud crime have been reimbursed.
In an email sent to its members on Thursday, the first of its kind since it was reported AustralianSuper was one of a number of funds impacted by a cyber fraud crime, CEO Paul Schroder said that the fund was “not hacked”.
“Criminals used stolen passwords and personal identity information from other sources to access accounts to commit fraud. Unlike other recent cyber incidents reported in the media over the last few years, cyber criminals did not access our systems,” Schroder said.
“We are now in a position to communicate directly with you about the circumstances of that event and we acknowledge that you have been anxious to hear from us as we have focused on the pressing issues at hand.”
Schroder said that as of 11 April 2025, it had “temporarily locked” around 600 member accounts following a security breach, with funds stolen from 10 of them.
“All of those members have been reimbursed. We will continue to investigate this matter,” the CEO said, adding that the fund is “consistently enhancing” its security and anti-fraud measures.
“The fund has many security systems in place including multifactor authentication on various transactions.”
Last week, speaking at Momentum Media’s Election 2025 event, CEO of the ASFA, Mary Delahunty, said the incident – which also impacted Rest, Hostplus, Insignia’s Expand platform, ART, Cbus Super, and Media Super – was being investigated by police and government authorities.
“While I can’t say a lot at the moment, I can say that the cyber criminals undertook a co-ordinated, well-funded and sophisticated attack on our system,” Delahunty said.
Expounding on how this was done, the CEO said that the hackers used stolen or approximated email addresses and passwords to access accounts – a process known as credential stuffing.
“The superannuation sector is taking this extremely seriously, as we should,” Delahunty said.
“Australians place enormous trust in the super system, and rightly expect that their retirement savings will be safe and protected. And when that trust is tested, it must be taken seriously. The funds involved and the broader ASFA member base, which includes those critical service providers, are doing exactly that.”
She said that reviews are underway to assess where further protections are needed.
The incident was earlier addressed by Treasurer Jim Chalmers, who similarly said both APRA and ASIC were engaging with all impacted funds to support safe outcomes for members.
“On Friday, we convened the Council of Financial Regulator agencies to get an update on their ongoing response to this incident as well. That’s working around the clock in response to the incident, and it’s all about protecting fund members and improving security measures,” the Treasurer said at the time.
