Cbus has confirmed its members were also targeted in a widespread attack on superannuation funds, with a “spike in log-in attempts” triggering multi-factor authentication prompts for some users.
The fund said that a “small number of accounts may have been impacted” by the malicious activity.
It said the accounts were “proactively deactivated” and that members “are being contacted”.
“This cyber incident occurred several days after the reported attack impacting several other super funds,” Cbus said in a statement.
“It is not clear if the incident is related to the other attacks and investigations are continuing.”
Cbus joins AustralianSuper, Rest Super and Insignia Financial in being caught up in the incident.
Insignia said late last week [pdf] that a platform used by financial advisers was targeted.
Cbus – and other funds including AustralianSuper – said that the timing of the attack, coinciding with significant volatility in global financial markets, had left them fielding high volumes of questions from customers about account balances.
Cbus said that its “unusually high spike in log-in attempts coincided with a time of significant market volatility potentially causing increased member engagement.”
AustralianSuper also suggested that account balance issues were more likely to be the result of market movements rather than the cyber incident.
“If you see a reduction in your account balance you weren’t expecting, this does not necessarily indicate fraudulent or suspicious activity on your account,” the fund said.
“Global markets are experiencing more volatility than usual.
“It’s important to remember that market ups and downs are a normal part of investing.”
AustralianSuper also recorded a video with its CTO Mike Backeberg seeking to reassure members of the incident response efforts.
