
Hackers Strike Australia's Largest Pension Funds in Coordinated Attacks (reuters.com)

(Friday April 04, 2025 @05:40PM (msmash) from the high-stakes dept.)


Hackers targeting Australia's major pension funds in a series of coordinated attacks have [1]stolen savings from some members at the biggest fund, Reuters is reporting, citing a source, and compromised more than 20,000 accounts. From the report:

> National Cyber Security Coordinator Michelle McGuinness said in a statement she was aware of "cyber criminals" targeting accounts in the country's A$4.2 trillion ($2.63 trillion) retirement savings sector and was organising a response across the government, regulators and industry. The Association of Superannuation Funds of Australia, the industry body, said "a number" of funds were impacted over the weekend. While the full scale of the incident remains unclear, AustralianSuper, Australian Retirement Trust, Rest, Insignia and Hostplus on Friday all confirmed they suffered breaches.



[1] https://www.reuters.com/technology/cybersecurity/multiple-australian-pension-funds-hit-by-coordinated-hacking-media-reports-say-2025-04-04/



Passwords stolen from where? (Score:2)

by evanh ( 627108 )

The fund's own servers? Or maybe something external like a web browser or app?

So who is responsible for the loss? (Score:2)

by bagofbeans ( 567926 )

TFA doesn't say that the providers have to provide restitution...

Re: (Score:2)

by PPH ( 736903 )

I suppose that would depend on Australian law and exactly what sort of accounts these were. If it is some sort of trust account, where the pension fund holds the balances until the monthly checks go out, then it was actually the pension fund that got hit. Not 20,000 accounts.

On the other hand, if these are like demand accounts, where the retirees can draw funds, then each of them was robbed individually (sort of like someone stealing your debit card). There may be recourse, but that's up to Australian law.

Not Everything Needs to be Online (Score:2)

by BrendaEM ( 871664 )

Sometimes you need to cut the cable.

Re: (Score:2)

by smooth wombat ( 796938 )

How would you like people to manage their accounts? Are they supposed to call in every time they want to change something? How secure is that?

/. is an American site (Score:1)

by Thud457 ( 234763 )

Question from an American - What is a "pension"?

Re: (Score:2)

by Vomitgod ( 6659552 )

It's like aluminium

Re: (Score:2)

by neilo_1701D ( 2765337 )

> Question from an American - What is a "pension"?

Strictly speaking, the TFA is wrong: it was superannuation accounts that were hit.

To answer your question: "pensions" are almost the same as Social Security. Yes, there are important differences, but it's a close enough analogy.

"Superannuation" is almost like a 401(K).

I speak as an Australian living in the US.
