A cyber incident has impacted several super funds in recent days, leaving some people’s accounts locked.
Some super fund members’ personal information such as their name, email and member number, may have been accessed. As a result, some super funds have locked impacted members’ accounts.
This type of incident, which is referred to as ‘credential stuffing’ is when a cyber criminal uses a list of stolen or compromised emails and passwords to attempt to log in to the member’s superannuation account.
If you’re worried about potential suspicious activity on your super account, contact your super fund immediately.
Suspicious activity could include:
- A transaction you haven’t made
- A change to your contact details or bank account
- Unauthorised attempts to change your password
Protect yourself online
Always use unique passwords on each platform. Make sure your passwords are long and complex. Strong passwords make it harder for people to hack into your accounts.
If your super fund provides it, we recommend using Multi Factor Authentication (MFA) too.
The Australian Cyber Security Centre (ACSC) has some useful tips on creating a strong password or passphrase.
You can read more on Moneysmart’s guidance on protecting yourself from identity theft.