Since the weekend attacks, some of the country's largest profit-to-member superannuation funds with millions of members each and managing tens or hundreds of billions—including AustralianSuper, Hostplus, REST and Australian Retirement Trust, and Insignia Financial—confirmed that some of their members' accounts were breached in these attacks. While ASFA and the other affected super funds didn't share additional details on the account breaches, Insignia Financial says its Expand Platform was hit by credential stuffing attacks where threat actors use stolen credentials and automated tools to gain access to user accounts. Reuters has learned from a source familiar with the matter that over 20,000 accounts were breached in this massive wave of attacks targeting Australia's superannuation industry, with some members reportedly losing some of their savings. AustralianSuper, which manages the retirement savings of over 3.5 million members from over 472,000 businesses, totaling over $365 billion, confirmed that the attackers breached at least 600 accounts using stolen credentials. Over the weekend, a massive wave of credential stuffing attacks hit multiple large Australian super funds, compromising thousands of members’ accounts. Hostplus also noted that its members have lost no funds due to these attacks and that the extent of the impact on their accounts is being investigated. Although it shut down the portal in reaction to the attacks, approximately 8,000 members had some limited personal information (including first name, email address, and member identification number) accessed. However, Rest says there is no evidence that the attackers transferred funds from compromised members' accounts. "Over the past week, we have seen a spike in suspicious activity across our member portal and mobile app and we are urging members to take steps to protect themselves online," said AustralianSuper Chief Member Officer Rose Kerlin.
This Cyber News was published on www.bleepingcomputer.com. Publication date: Fri, 04 Apr 2025 16:15:19 +0000