
Cbus and Media Super flag major ‘spike in log-in attempts’ as other funds face hack aftermath

Major Australian super fund Cbus Super and its partner fund Media Super have reported a suspiciously large number of login attempts on their websites, closely following news that a number of other major super funds had suffered a cyber incident.


Cbus, which is the largest super fund for those in the construction and building industry, merged with Media Super in 2022. Together, they manage the assets of over 920,000 members.

Both super funds released an identical statement saying they had detected an “unusually high spike in log-in attempts [that] coincided with a time of significant market volatility potentially causing increased member engagement.

“Out of an abundance of caution, the fund is investigating a small number of accounts that may have been impacted including accounts where multi-factor authentication was triggered in the hours before and after the spike event. These accounts were pro-actively deactivated, and the members are being contacted,” it said.

Cbus said that its “cyber incident” occurred days after other major super funds such as AustralianSuper, Rest, Australian Retirement Trust and Insignia, which owns MLC, reported a cyber incident that resulted in personal data being exfiltrated.

Interestingly, however, Insignia said that the source of the cyber incident was a credential stuffing attack, in which stolen credentials sourced from the dark web are tried against an organisation's login page to see whether the person whose credentials were stolen is a member and, if so, to gain access.

While unconfirmed, the “spike in log-in attempts” on Cbus and Media Super could be another credential stuffing attack attempt or a copycat attack, as it occurred days after the first.

Rest and Insignia have said that no money had been exfiltrated from their users’ accounts; however, AustralianSuper confirmed that some accounts had money stolen.

That being said, the super funds have said the cyber attack came at a time of increased market volatility, which could account for changes in the amounts in people’s super fund accounts.

“If you see a reduction in your account balance you weren’t expecting, this does not necessarily indicate fraudulent or suspicious activity on your account,” said AustralianSuper.

“Global markets are experiencing more volatility than usual.

“It’s important to remember that market ups and downs are a normal part of investing.”

The Australian Prudential Regulation Authority (APRA) declined to comment on the incident following requests by Cyber Daily sister brand InvestorDaily.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.