Cyberattacks on Australian superannuation funds have exposed leaking of member credentials as a critical vulnerability in the sector, consultancy Software@Scale warns.

The attacks on several prominent funds “highlight a worrying trend – the growing threat of credential theft from outside the traditional security perimeter”, it says.

CEO Louis Droguett says the attacks stemmed from compromised member credentials – “a clear blind spot in our cybersecurity landscape”. The industry now needs to move beyond traditional security measures and take a collaborative approach to combating external threats.  

“This isn’t a failure of multi-factor authentication or firewalls, it’s a failure to detect what’s already leaked,” he said. “We need shared threat intelligence, playbooks and proactive tooling to tackle credential-based attacks before they succeed. 

“The threat was visible but not acted upon. This demonstrates a critical need for proactive dark web monitoring. Knowing when member credentials are compromised allows funds to take immediate action before attackers can exploit them.”

The Software@Scale team monitors malware logs collected from “info-stealer” campaigns and finds most enterprises are compromised and exposed to “significant risk without awareness”.

Mr Droguett urges super funds and trustees to invest in dark web and credential exposure monitoring, and to “rethink cyber resilience as a shared responsibility”.

“The vulnerability of individual member accounts now represents a significant threat to the entire superannuation system.

“If there’s a silver lining, it’s that this breach may catalyse real investment in threat visibility beyond the firewall, and collaboration between security, compliance and digital experience leaders.”