Summary

Recent reports have confirmed that several superannuation funds have been targeted by malicious actors. These incidents involved unauthorised access to member portals, with some resulting in the withdrawal of funds from compromised accounts.

We strongly recommend that any employees with accounts in the affected superannuation funds review their accounts for any unusual activity as a precautionary measure. Please note that some provider portals may be temporarily down.

The following superannuation funds have been confirmed as impacted:

  • Australian Retirement Trust
  • AustralianSuper
  • Hostplus
  • Rest
  • Insignia

 

Recommendations

If you are with any of the above funds and the portal is accessible, it is strongly recommended that you follow the below steps:

  1. Log into your superannuation portal and check the banking details and contact info attached to your account. If it has changed, call your fund immediately.
  2. If you do not have multifactor authentication enabled in your superannuation portal, turn it on.
  3. Change your superannuation portal password.

If you are not with a superannuation fund listed above, it is recommended that you still follow steps 2 and 3 for good measure.

 

Contact Us

If you have any additional concerns, would like further guidance, or wish to learn more about this issue, we encourage you to contact our team directly. Our experts are available to provide support and answer any questions you may have.