SYDNEY (Reuters) -Several Australian pension funds have been hit by coordinated hacking that compromised thousands of member accounts in the A$4.2 trillion ($2.66 trillion) industry, the government’s cyber security chief said on Friday.
National Cyber Security Coordinator Michelle McGuinness said in a statement she was aware of cyber criminals targeting account holders of pension funds and was coordinating a response across the government.
AustralianSuper, the country’s largest fund managing A$365 billion for over 3.5 million members, said up to 600 member passwords were stolen and used to access their accounts in attempts to commit fraud.
“We took immediate action to lock these accounts and let those members know,” chief member officer Rose Kerlin said.
REST, the default industry pension fund for retail workers, with A$93 billion of assets under management, suffered an attack last weekend that impacted around 1% of its 2 million members, its CEO Vicki Doyle said.
The largest retail superannuation brand owner, Insignia Financial, which manages A$327 billion, said a “malicious third-party” attempted to access online pension accounts on its Insignia Financial Expand platform. There had been no financial impact at this stage to members, an Insignia spokesperson said.
Other funds did not immediately respond to requests for comment.
($1 = 1.5800 Australian dollars)
(Reporting by Christine Chen in Sydney; Editing by Jamie Freed and Sonali Paul)
