11 April 2025
Hello,
Recently AustralianSuper was one of a number of superannuation funds impacted by a cyber fraud crime. As our investigation is well progressed, I am writing to you with an update.
As soon as we became aware of suspicious activity, we took immediate action to safeguard your account and the account of every AustralianSuper member. That was our priority.
We acted quickly, including notifying the relevant authorities and working closely with all of the affected funds.
I want to be clear that AustralianSuper was not hacked. Criminals used stolen passwords and personal identity information from other sources to access accounts to commit fraud. Unlike other recent cyber incidents reported in the media over the last few years, cyber criminals did not access our systems.
I, and everyone at the Fund, recognise that this has been an unsettling time for you and your family. We are now in a position to communicate directly with you about the circumstances of that event and we acknowledge that you have been anxious to hear from us as we have focused on the pressing issues at hand.
At the time of writing, we had temporarily locked about 600 members’ accounts, and our focus has been on communicating with those impacted members.
While this number is relatively small, we recognise that many members will have been concerned by this, and it has occurred at a time of significant global uncertainty in investment markets.
Our systems repelled most of the attempted fraud on these accounts but unfortunately, money was stolen from 10 accounts. All of those members have been reimbursed. We will continue to investigate this matter.
This attack and the impact of geopolitical events and US trade policy on investment markets drove a high volume of calls to our contact centre and traffic to our online portal and the mobile app, which in turn caused service outages.
The Fund has many security systems in place including multifactor authentication on various transactions. We are consistently enhancing our security and anti-fraud measures.
What you can do
There are some simple steps you can take to safeguard your account. Please don’t click on attachments on your phone or your computer unless you are certain of the sender. Most importantly, we urge you to make sure your AustralianSuper password is strong, not easy to guess and is not used anywhere else.
We are experiencing a high volume of calls to our contact centre, so I encourage you to visit our website for regular updates: https://www.australiansuper.com/campaigns/protecting-your-account
We value the trust you place in AustralianSuper to manage your retirement savings.
Members will receive this update via email soon.Regards,
Paul Schroder