---
url: 'https://www.corbado.com/faq/how-to-check-if-superannuation-account-compromised'
title: 'How to check if my super account has been compromised?'
description: 'See how to check if your superannuation account has been compromised after the recent cyberattack.'
lang: 'en'
---

# How to check if my super account has been compromised?

## How can I check if my superannuation account has been compromised?

To check if your superannuation account has been compromised, log in to your super fund’s
online portal and verify your account details - especially your recent activity, contact
information, and linked bank account. If anything looks unfamiliar or has been changed
without your knowledge, it may be a sign of unauthorized access. You should also look out
for alerts from your fund and contact their support team directly if you notice anything
unusual.

Here’s what you should do:

## Step-by-step checklist:

- **Log in to your super fund's online account** via their official website or mobile app
  (avoid links in emails).
- **Check your recent activity** (e.g., login times, withdrawals, contact updates).
- **Verify your personal details** such as email, phone number, and bank account.
- **Look for suspicious changes** like updates to your beneficiary list or transfer
  attempts.
- **Enable multi-factor authentication (MFA)** if your fund offers it.

Funds like AustralianSuper and Rest have already notified affected members and urged
everyone to take precautionary steps. Even if you haven’t been contacted, it's crucial to
stay vigilant.

> - To check if your super account has been compromised, log in and review your recent
>   activity, contact details, and bank information.
> - Look for unauthorized logins, changes to contact or bank info, or fund withdrawals.
> - If your fund offers multi-factor authentication (MFA), enable it immediately.
> - Contact your super fund directly if you notice suspicious activity or receive unexpected
>   alerts.

---

## How Super Accounts Were Compromised

The recent cyberattack on Australian
[superannuation funds](https://www.corbado.com/blog/superannuation-funds-mfa-fsc-29) was primarily executed
through a method called **credential stuffing**, where attackers used stolen usernames and
passwords from unrelated data breaches to log in to super accounts.

## What to Look Out For

Even if no funds were stolen from your account, compromised login credentials could allow
attackers to:

- Change your email, phone number, or postal address
- Update your linked bank account
- Modify beneficiaries
- Attempt unauthorized withdrawals if you're eligible for drawdown (commonly over 60)

[Super funds](https://www.corbado.com/blog/superannuation-funds-mfa-fsc-29) like **AustralianSuper**, **Rest**,
and **Insignia Financial** have reported such suspicious activities, and in some cases,
users were locked out of their accounts or saw erroneous balances.
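Seen from the fund's side, the credential-stuffing pattern and the follow-on changes listed above can be searched for in authentication logs. The sketch below is an added example, not code from the original article or from any fund: the event fields, thresholds, and sample log are constructed assumptions.

```python
from collections import defaultdict

# Account actions the article lists as signs of compromise (names are assumed).
SENSITIVE = {"change_email", "change_phone", "change_bank",
             "change_beneficiary", "withdrawal"}

def stuffing_sources(events, min_users=5, max_success_rate=0.25):
    """Source IPs that tried many distinct usernames and mostly failed."""
    users, ok, total = defaultdict(set), defaultdict(int), defaultdict(int)
    for e in events:
        if e["action"] == "login":
            users[e["ip"]].add(e["user"])
            total[e["ip"]] += 1
            ok[e["ip"]] += e["ok"]
    return {ip for ip in users
            if len(users[ip]) >= min_users
            and ok[ip] / total[ip] <= max_success_rate}

def accounts_to_review(events):
    """Accounts a flagged source logged in to, with the sensitive actions that followed."""
    bad = stuffing_sources(events)
    hits = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["ip"] not in bad or not e["ok"]:
            continue
        if e["action"] == "login":
            hits.setdefault(e["user"], [])
        elif e["action"] in SENSITIVE and e["user"] in hits:
            hits[e["user"]].append(e["action"])
    return hits

def ev(ts, ip, user, action, ok=True):
    return {"ts": ts, "ip": ip, "user": user, "action": action, "ok": ok}

# Constructed sample log: one source sprays six member IDs and gets into one;
# the other two sources are ordinary members (documentation IP ranges).
SAMPLE = (
    [ev(i, "203.0.113.7", f"m00{i}", "login", ok=(i == 4)) for i in range(1, 7)]
    + [ev(10, "203.0.113.7", "m004", "change_email"),
       ev(11, "203.0.113.7", "m004", "change_bank"),
       ev(20, "198.51.100.20", "m010", "login"),
       ev(21, "198.51.100.20", "m010", "change_phone"),
       ev(30, "198.51.100.21", "m011", "login", ok=False),
       ev(31, "198.51.100.21", "m011", "login")]
)

if __name__ == "__main__":
    print(accounts_to_review(SAMPLE))
```

A member who mistypes a password once and then logs in (m011 in the sample) is not flagged, because the signal is one source trying many different usernames, not a single failed login.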

## Why It’s Important to Act Now

Attackers are becoming more sophisticated. Even if you're not affected now, they may test
your credentials again in the future. Because many Australians rarely log in to their
super accounts, fraudulent changes can go unnoticed for weeks or even months.

That's why all members - especially those aged 60+ who may be in drawdown - should:

- **Review accounts regularly**
- **Use a unique password**
- **Never reuse passwords across services**
- **Set up MFA**

If you're unsure about anything, **do not click on links** in messages claiming to be from
your fund. Instead, **call them using a phone number on their official website**.

