← Back to all posts

Superannuation Breach: What You Need to Know and Do

April 4, 2025

Superannuation Breach: What You Need to Know and Do

People are asking me about the Superannuation breach, I wanted to answer a few questions and help you take action.

💥 What happened?

Several major Australian Super providers were hit in a breach that exposed ~8700 accounts, resulting in $500,000 stolen and a lot of Personal Data —so far.

The providers affected include:

  • Hostplus
  • Australian Super
  • Australian Retirement Trust
  • MLC
  • REST

The attack was likely a credential stuffing attempt. This means stolen usernames and passwords (from Optus, Medibank, etc.) were reused to log in to your Super account.

📌 Other contributing factors may include:

  • Lack of Multi-Factor Authentication (MFA)
  • A possible zero-day vulnerability to access internal systems

🧠 Why this matters

Even though only 4 people lost money, your Super is a long-term target. It's easy to ignore until it's gone.

I personally use Australian Super and I haven't been able to log into the app today—so if you're having trouble, you're not alone.

✅ What You Should Do

🔁 Keep trying to log in​

Some systems are down, but try again later this weekend.

🔐 Change your password​

Make it strong and unique. Now is the time to use a password manager:

  • Proton Pass​
  • KeePassXC​

🔒 Enable MFA​

If your Super provider supports it, turn it on immediately.

📉 Check your balance​

Small dips may be market-related—but big changes? Report them fast.

👀 Keep an eye out for Fraud

​The personal information stolen can lead to other accounts being stolen, especially if you reuse your Super password for Banking, Email and other things.

🥶 Freeze your credit

​While it might seem like an extreme measure, freezing your credit, can prevent new accounts being raised in your name. You can lift this as you please, so that you can apply for new credit, but protects you from credit being extended using your identity.

🎉 Book Launch Update

📘 I've got good news too!

​This Thursday, I'll be sending out the digital copy of my book to everyone subscribed to my mailing list —for free. 🎁

If you want to help spread the word, please share this post and invite others to sign up at: 👉 https://secureinseconds.com

They'll get the book too — if they sign up before Thursday. And if you want a physical copy? It'll be available to purchase this Friday!

Stay safe out there!​ Mat

PS: If you've got any family with Super accounts, share this with them too. Prevention is easier than recovery.

Readers of the book will be better armed against hacks just like these! Let me know if you have any questions!