Superannuation funds in Australia targeted in unauthorized intrusions and financial deceit
In a recent development, the Australian Government's cyber security coordinator, McGuinness, is leading a whole-of-government response to a series of cyberattacks targeting Australian superannuation funds. These attacks, which have surged over the past week, have impacted hundreds of member accounts across major funds.
McGuinness has been coordinated by the Australian Signals Directorate (ASD) in connection with the cyberattack situation. In an effort to bolster account security, McGuinness is working with various Australian Government agencies, financial system regulators, and industry stakeholders to provide cyber security advice.
Customers are advised to take immediate steps to protect their accounts. This includes using strong, unique passwords and enabling multi-factor authentication wherever possible. Providers, too, must enhance client information security, secure account access, and communicate promptly and clearly when any incidents or concerns arise.
Super fund members are encouraged to check their accounts and remain engaged with their funds if they suspect they have been impacted. Unfortunately, some of these attacks have been successful in accessing and transferring money from affected accounts.
The incident underscores the shared responsibility of both customers and providers for account security. It is believed that the attackers may have acquired information using methods such as scraping data from social networks or utilizing leaked password databases. Potential fraud is a concern for super fund members due to the incident.
The Australian Government's trusted source of cyber security advice is cyber.gov.au. Simple steps to protect oneself online can be found on this website.
It's important to note that the funds' IT systems themselves have not been compromised; instead, the attackers have focused on individual accounts. This news has prompted many super fund members to log in and check their investments via fund applications or client portals, resulting in a spike in server requests. Some applications, like AustralianSuper, experienced technical issues under the sudden heavy load, preventing logins or displaying incorrect account balances.
This incident serves as a reminder of the importance of cyber security in safeguarding consumers' future financial stability. Superannuation funds are trusted to perform this role, and it is crucial that they, along with their customers, take the necessary steps to ensure the security of their accounts.
