Australia's $4.2 trillion piggy bank just got cracked open early after major super funds get hacked in a coordinated attack

Australia's largest super funds suffered a co-ordinated cyberattack — all at the same time.

What's the key learning?

Australia's superfunds is the largest globally where more than 70% of the funds were being managed by the Australian Government.
Holding that much of information and funds can be quite prone to cyberhackers who may have found some weakness with its cybersecurity.
We have yet to see in the coming days how many members are affected, and how much of the funds have been compromised.

👉 Background: Australia’s superannuation industry is one of the largest pension fund programs in the world. In fact, it's worth more than $4.2 trillion and has grown by nearly $800 billion in just the last 4 years.

👉 What happened: Late last week, some of Australia's largest super funds, AustralianSuper, Australian Retirement Trust, Hostplus, Rest and Insignia suffered a co-ordinated cyberattack — all at the same time. The attack targeted retiree super fund customers who can legally take money out of their accounts.

👉 What else: More than 9,000 accounts had been breached through 'credential stuffing', with AustralianSuper being the only fund to report that money was stolen. Four super fund members lost around $500,000. But now, APRA, the financial institution watchdog, has warned all super funds to come forward ASAP… ooorrr else.

‍

‍What's the key learning?

‍

‍💡Cybersecurity isn't just about tech—it’s a major trust issue. Super funds are meant to be the cornerstone of Australian retirement, so any sign of weakness can rattle millions of members. Currently, 73% of Australians trust their super funds over the Government, but when their money is compromised, the trust levels can plummet fast.‍

‍💡 Typically we think of cyberattacks as targeting big banks or major tech firms, but super funds are prime targets because:

They have huge pools of money
They hold valuable personal data
Many of them have an older demographic that might not have the digital know-how to navigate a cyberattack

💡Interestingly, APRA did an audit on the major super funds two years ago and found “foundational issues” with their cybersecurity. So, it seems like it was only a matter of time until these gaps were exploited.

Disclaimer: Flux Technologies Pty Ltd (ABN 86 634 507 172) is an authorised representative (Representative No. 1283166) of Mozo Pty Ltd who is the holder of AFSL No. 328141. We also provide general advice on credit products under our own Australian Credit Licence No. 530103. The product information presented does not constitute an offer and we are not recommending or suggesting any particular product. Any product advice presented is of a general nature only, and is not to be taken as any sort of advice as it has not taken into account your personal circumstances, objectives, financial situation or needs. Flux may not cover all products available to you. Check out our Credit Guide and Financial Services Guide for more information.

All information contained in the Flux app, www.flux.finance, www.joinflux.com, app.flux.finance and any podcast of Flux Media Pty Ltd (ABN 27 639 804 345) is for education and entertainment purposes only. It is not intended as a substitute for professional financial, legal or tax advice. Flux Media Pty Ltd is the owner of the registered trade mark, 'What the Flux'. While we do our best to provide accurate information on the podcast, we accept no responsibility for any inaccuracies that may be communicated.

Australia's $4.2 trillion piggy bank just got cracked open early after major super funds get hacked in a coordinated attack

What's the key learning?

Ready to win at money?

Become smarter in just 3 minutes! ⏱️