Multiple Australian superannuation funds, including AustralianSuper, Hostplus, Rest Super, and MLC (Insignia Financial), faced a coordinated cyberattack. The attacks involved unauthorized login attempts using compromised member passwords.
While the number of affected members varied across funds (approximately 200 for Australian Retirement Trust, 8000 for Rest Super, and up to 600 for AustralianSuper), funds reported that no significant financial losses or fraudulent transactions were detected. Affected accounts were immediately locked, and members were notified. Funds urged members to check their accounts and change passwords.
The cyberattacks highlighted the vulnerability of online accounts and the importance of robust cybersecurity measures for financial institutions. Although no major financial losses were reported in this instance, the incident emphasizes the need for enhanced security practices and increased member awareness of online threats.
“If you have been impacted or are concerned you may have been impacted, follow the advice provided by your super fund.”
Loading
According to assessments conducted so far, the attack has affected about 200 Australian Retirement Trust members, but the criminals were unable to access any of their retirement savings, the fund confirmed.
“We can confirm our digital security system identified unusual login activity and that impacted accounts were locked as a precaution, and members and regulators were notified,” a spokesman for Australian Retirement Trust said.
“We have not identified any suspicious transactions or modifications regarding these accounts.”
AustralianSuper chief member officer Rose Kerlin urged members to check their accounts and to contact the fund if they noticed their password had been changed.
“Over the past week, we have seen a spike in suspicious activity across our member portal and mobile app, and we are urging members to take steps to protect themselves online,” Kerlin said.
“This week we identified that cyber criminals may have used up to 600 members’ passwords to log into their accounts in attempts to commit fraud.
“While we took immediate action to lock these accounts and let those members know, there are things members can do right now to protect themselves online,” she added.
Rest Super chief executive Vicki Doyle said less than 1 per cent of its members – about 8000 customers – had been affected by the co-ordinated cyberattacks. The fund added the “overwhelming majority” of the attacks had been limited to unauthorised access of accounts, and it believed that no money had been transferred out.
“Over the weekend of 29-30 March 2025, Rest became aware of some unauthorised activity on our online Member Access portal. We responded immediately by shutting down the Member Access portal, undertaking investigations and launching our cybersecurity incident response protocols,” Doyle said.
“At this stage, we believe that some of our members may have had limited personal information accessed and we are currently working through this with those impacted members.”
Insignia Financial, which owns the superannuation brand MLC, also confirmed there had been no financial impact on its members. A spokeswoman said the fund had decided to restrict some activities on its platforms to protect customer accounts.
“Some customers will receive communications prompting them to reset their passwords when they next log in to their accounts,” the spokeswoman said.
Skip the extension — just come straight here.
We’ve built a fast, permanent tool you can bookmark and use anytime.
Go To Paywall Unblock Tool