AustralianSuper, Australia’s largest superannuation fund, was targeted in a cyber incident between March and April, coinciding with market volatility. While APRA noted the overall impact on individual members was contained, the attack highlighted systemic vulnerabilities in the superannuation sector’s appeal to threat actors. The regulator emphasized that some funds, including AustralianSuper, demonstrated stronger responses by leveraging clear control environments—particularly around payment processes—to swiftly interrupt fraudulent transactions and recover misdirected funds. However, the incident exposed gaps in industry-wide coordination, public trust, and member protection awareness. APRA’s assessment underscored the need for a unified cybersecurity strategy, as fragmented responses risked amplifying reputational damage and financial losses. The attack’s timing during market instability further compounded its potential ripple effects, though no large-scale data breaches or ransomware were explicitly reported. The focus remained on operational disruption, trust erosion, and the urgency for collaborative threat mitigation across the sector.
Source: https://financialnewswire.com.au/fintech/can-super-funds-mount-united-front-cyber-security/
TPRM report: https://www.rankiteo.com/company/australiansuper
"id": "aus1030410102825",
"linkid": "australiansuper",
"type": "Cyber Attack",
"date": "10/2025",
"severity": "60",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'industry': 'Financial Services',
'location': 'Australia',
'name': 'AustralianSuper',
'size': 'Largest in Australia',
'type': 'Superannuation Fund'},
{'industry': 'Financial Services',
'location': 'Australia',
'name': 'Unnamed Superannuation Funds',
'type': 'Superannuation Funds'}],
'date_publicly_disclosed': '2024-07-00',
'description': 'APRA highlighted the need for a coordinated industry response '
'to cyber incidents affecting multiple superannuation funds, '
'including AustralianSuper. While the impact on individual '
"members was contained, the incidents underscored the sector's "
'appeal to threat actors, particularly during market '
'volatility. Some funds demonstrated stronger control '
'environments (e.g., payments processes) and proactive '
'cybersecurity measures, but overall, the industry requires '
'improved public perception management, member trust, and '
'cross-stakeholder coordination. The National Cyber Security '
'Coordinator emphasized the tension between competition and '
'collaboration in cybersecurity.',
'impact': {'brand_reputation_impact': 'Potential erosion of member trust '
'(highlighted as a risk by APRA)',
'financial_loss': 'Contained (specific losses unreported; some '
'funds recovered diverted transactions)',
'operational_impact': 'Minimal (transactions interrupted/recovered '
'in some cases)',
'payment_information_risk': 'Targeted (payments processes '
'exploited in some cases)'},
'initial_access_broker': {'high_value_targets': ['Payment processes']},
'investigation_status': 'Ongoing (industry-wide coordination gaps identified)',
'lessons_learned': ['Effective responders had clear control environments '
'(e.g., payments processes) and proactive cybersecurity '
'measures.',
'Industry lacks coordinated response capability for '
'multi-stakeholder incidents.',
'Public perception and member trust are critical but '
'underaddressed.',
'Competition vs. collaboration tension hinders collective '
'progress.'],
'motivation': ['Financial Gain', 'Disruption'],
'post_incident_analysis': {'corrective_actions': ['Proposal to establish '
'clear accountability for '
'multi-stakeholder incident '
'response.',
'Call for improved '
'collaboration despite '
'competitive tensions.'],
'root_causes': ['Lack of industry-wide '
'coordination mechanism.',
'Varied effectiveness of '
'individual fund responses.',
'Market volatility exploited '
'during incidents.']},
'recommendations': ['Develop a unified industry response framework for cyber '
'incidents.',
'Enhance accountability for member protection.',
'Improve cross-stakeholder coordination and '
'communication.',
'Address public perception/Trust risks proactively.'],
'references': [{'date_accessed': '2024-07-00',
'source': 'APRA Analysis of Superannuation Cyber Roundtable'}],
'regulatory_compliance': {'regulatory_notifications': 'APRA-led industry '
'roundtable (July 2024) '
'with National Office '
'of Cyber Security'},
'response': {'communication_strategy': 'Industry roundtable (July 2024) to '
'address coordination gaps',
'containment_measures': ['Transaction interruption',
'Fund recovery (for diverted payments)'],
'incident_response_plan_activated': 'Yes (by some funds; '
'effectiveness varied)'},
'stakeholder_advisories': 'APRA and National Cyber Security Coordinator '
'emphasized need for collective action.',
'title': 'Cyber Incidents Targeting Australian Superannuation Funds '
'(March-April 2024)',
'type': ['Cyber Attack', 'Financial Fraud (attempted)']}