POWERED BY MOMENTUM MEDIA
‘AustralianSuper was not hacked’: Fund responds to cyber incident
Australia’s largest superannuation fund has confirmed all members who had funds stolen during the recent cyber fraud crime have been reimbursed.
In an email sent to its members on Thursday, the first of its kind since it was reported AustralianSuper was one of a number of funds impacted by a cyber fraud crime, CEO Paul Schroder said that the fund was “not hacked”.
“Criminals used stolen passwords and personal identity information from other sources to access accounts to commit fraud. Unlike other recent cyber incidents reported in the media over the last few years, cyber criminals did not access our systems,” Schroder said.
“We are now in a position to communicate directly with you about the circumstances of that event and we acknowledge that you have been anxious to hear from us as we have focused on the pressing issues at hand.”
Schroder said that as of 11 April 2025, it had “temporarily locked” around 600 member accounts following a security breach, with funds stolen from 10 of them.
“All of those members have been reimbursed. We will continue to investigate this matter,” the CEO said, adding that the fund is “consistently enhancing” its security and anti-fraud measures.
“The fund has many security systems in place including multifactor authentication on various transactions.”
Last week, speaking at Momentum Media’s Election 2025 event, CEO of the ASFA, Mary Delahunty, said the incident – which also impacted Rest, Hostplus, Insignia’s Expand platform, ART, Cbus Super, and Media Super – was being investigated by police and government authorities.
“While I can’t say a lot at the moment, I can say that the cyber criminals undertook a co-ordinated, well-funded and sophisticated attack on our system,” Delahunty said.
Expounding on how this was done, the CEO said that the hackers used stolen or approximated email addresses and passwords to access accounts – a process known as credential stuffing.
“The superannuation sector is taking this extremely seriously, as we should,” Delahunty said.
“Australians place enormous trust in the super system, and rightly expect that their retirement savings will be safe and protected. And when that trust is tested, it must be taken seriously. The funds involved and the broader ASFA member base, which includes those critical service providers, are doing exactly that.”
She said that reviews are underway to assess where further protections are needed.
The incident was earlier addressed by Treasurer Jim Chalmers, who similarly said both APRA and ASIC were engaging with all impacted funds to support safe outcomes for members.
“On Friday, we convened the Council of Financial Regulator agencies to get an update on their ongoing response to this incident as well. That’s working around the clock in response to the incident, and it’s all about protecting fund members and improving security measures,” the Treasurer said at the time.
AUTHOR
Maja Garaca Djurdjevic
Recommended for you
Treasurer Jim Chalmers has held talks with US Treasury Secretary Scott Bessent, intensifying efforts to resolve concerns over section 899 of the proposed “Big Beautiful Bill” in the United States.
The draft guidance note enhances and replaces existing guidance on investment management operational due diligence to pr...
Following the release of the Australian Bureau of Statistics’ monthly Consumer Price Index (CPI) report on Wednesday, market experts have weighed in on inflation trends and the Reserve Bank of Australia’s (RBA) interest rate outlook.
Grattan’s Brendan Coates believes there’s still much to be done to curb superannuation tax concessions that lack a plausible purpose.
TOP PERFORMING FUNDS
ACS FIXED INT - AUSTRALIA/GLOBAL BOND
Fund name
3y(%)pa
1
DomaCom DFS Mortgage
92.15 3 y p.a(%)
2
Global X 21Shares Bitcoin ETF
53.24 3 y p.a(%)
3
Global X GlobalX FANG+ ETF
43.15 3 y p.a(%)
4
DomaCom Shoreline North Coogee
36.26 3 y p.a(%)
5
GAM LSA Private Shares AU I
35.87 3 y p.a(%)
