
By Jack Gramenz and Jennifer Dudley-Nicholson
People seeing a zero-balance in their retirement funds and those who cannot even check them are being assured their accounts are secure as superannuation managers contact members targeted in a cyber attack.
Hackers have targeted hundreds of Australian superannuation accounts from funds managing more than $1 trillion in assets in a coordinated online attack using stolen passwords, with experts warning security needs to be bolstered.
Hostplus, Rest, AustralianSuper and Australian Retirement Trust are among those targeted in an attack confirmed on Friday by Australia’s National Cyber Security Coordinator Lieutenant General Michelle McGuinness.
The nation’s biggest fund AustralianSuper said hackers allegedly sought lump sum withdrawals from up to 600 accounts.
Its more than 3.4 million members are struggling to log in amid high call-centre traffic and intermittent outages to online services, but some who have been able to gain access have been warned they will not like what they see.
“Even though you may not be able to see your account, or you are seeing a $0 balance, your account is secure,” the fund said, assuring members it is a temporary glitch.
“We are working hard to resolve it as quickly as possible,” it said.
Cybersecurity expert Matthew Warren said multi-factor authentication, requiring uniquely generated codes in addition to entering a password, needs to be implemented for every customer.
“This major cyber attack clearly highlights the weak authentication measures implemented by the Australian superannuation industry,” the director of RMIT’s cybersecurity centre said.
Insignia Financial, which oversees brands including MLC and IOOF, said about 100 accounts on its Expand platform had been targeted, but no financial impact to customers had been detected.
Rest said 8000 accounts may have had personal information accessed but no member funds were transferred.
“We have already contacted impacted members to reinstate their account access and provide next steps and support,” it said.
While some targeted accounts were not breached, the Association of Superannuation Funds of Australia revealed “a number of members” had funds stolen and would be contacted.
The attack took place on the weekend, and follows rising reports of online security threats in Australia with a cyber crime reported every six minutes.
Superannuation and banking firms were working with government agencies to respond to the attack, Lt Gen McGuinness said.
Superannuation funds are urging members to check for signs of fraud, ensure banking and contact details are correct, and change passwords if they are not unique to their account.
The superannuation industry association also confirmed members’ funds had been stolen.
“While the majority of attempts were repelled, unfortunately a number of members were affected,” the group said in a statement.
It is believed that attackers were targeting accounts that could deliver lump sum withdrawals.
Government agencies would investigate, Prime Minister Anthony Albanese said, warning online attacks had become common.
“There is an attack, a cyber attack in Australia about every six minutes,” he said.
The Australian Signals Directorate Annual Cyber Threat Report in 2024 revealed cyber crime reports had increased 12 per cent, with an average of 100 calls per day to the Australian Cyber Security Hotline.