Australian Finance Cyber Incident, 27 March 2023

Australian superannuation fund NGS Super hit by cyber attack, ‘limited data’ taken from its system

NGS Super said it could not publicly disclose the exact number of customers impacted, nor “details of the types of information impacted.”

Company Statement: Cyber incident update
Source: Superannuation fund NGS Super hit by cyber attack, ‘limited data’ taken from its system | ABC News (Australia)

View more incidents from the Banking and Finance sector.

Superannuation fund NGS Super has confirmed it was hit by a cyber attack earlier this month which resulted in “some limited data” being taken from its system.

In an email to its members on Monday afternoon, the superannuation fund said it became aware that a cyber attacker had gained access to its corporate IT system on March 17.

The fund said it “immediately” shut down its network after it detected the unusual activity and launched several cybersecurity protocols, including enhanced network monitoring, which contained the incident.

The stolen data was stored on “internal drives”, according to the fund; why it was stored there is a matter for investigation.

NGS has not disclosed how many of its members had data stolen in the attack, or the type of data that was taken.

“We are taking all reasonable steps to prevent this from happening again. We are continuing to work with cyber security experts, regulators and stakeholders to limit the impact of this incident and mitigate risk.” – company statement