Rankiteo Blog

Spirit Super

Harshit Kaur Bhatia -

Australian pension provider Spirit Super suffered a data breach incident after an employee’s email account was accessed.

An unauthorized party gained access to a mailbox containing personal data that included names and other sensitive information of approximately 50,000 individuals.

The personal data included names, addresses, ages (as at 2019 and 2020), email addresses, telephone numbers, member account numbers, and member balances (as at 2019 and 2020).

The breach was a result of a widespread phishing campaign which the team detected and restored the compromised account and acted quickly to contain and limit the impact of the breach

Source: https://portswigger.net/daily-swig/data-breach-at-australian-pension-provider-spirit-super-impacts-50k-victims-following-phishing-attack

"id": "SPI34211822",
"linkid": "spirit-super",
"type": "Breach",
"date": "05/2022",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of a geographical region"