Can I recover funds stolen from super account in breach?
Vincent
Created: April 4, 2025
Updated: April 24, 2025
Read the full article
Discover why superannuation funds are vulnerable and how regulations, including FSC Standard No. 29, recommend MFA and phishing-resistant authentication.
Read the full articleAlready read by 5,000+ enterprise security leaders.
Can I recover funds stolen from my superannuation account due to a data breach?#
Yes, in some cases you may be able to recover stolen funds from your superannuation account after a data breach - but it's not guaranteed. Your ability to get reimbursed depends on the super fund’s internal policies, the speed of your response and the specific circumstances of the attack. Funds like AustralianSuper are assisting authorities with investigations, but have not committed to automatic compensation for affected members.
What influences your chances of recovery:#
- Timely reporting to your fund and relevant authorities
- Proof that you didn’t share or mishandle your credentials
- Whether the breach was on your side (credential reuse) or the fund's system
- Existing fund policies on fraud remediation
If your account was compromised, you should contact your fund immediately, file a formal complaint, and request remediation options. Some users may recover losses through insurance or legal claims, but past cases show mixed outcomes.
- You may be able to recover stolen super funds, but it depends on how the breach happened and your fund's policies.
- Contact your super fund immediately and document all suspicious activity.
- AustralianSuper is working with authorities to investigate, but hasn’t promised automatic reimbursement.
- In some past cases, members recovered partial funds after legal disputes—but outcomes vary.
What Happens After Funds Are Stolen?#
When funds are illegally withdrawn, super funds typically:
- Lock the affected account
- Initiate a forensic investigation
- Notify the user and regulators
- Work with banks and law enforcement to trace the funds
AustralianSuper, for instance, is assisting with the recovery of $500,000 stolen from four members but hasn't publicly confirmed whether those members will receive full compensation.
Can You Get Your Money Back?#
It depends. Here’s what the outcome often hinges on:
- If your password was reused across platforms and stolen in a prior breach, some funds may argue the breach occurred due to poor password hygiene.
- If multi-factor authentication was not enabled where available, this might weaken your claim.
- If the breach occurred due to a failure on the fund’s side, there’s a higher chance of full reimbursement.
Real-World Examples#
In 2020, an Australian retiree lost $180,000 to scammers and only recovered one-third of the amount after a four-year legal battle.. Legal costs often exceed the recovered sum, and results vary significantly depending on evidence and legal representation.
What You Should Do Right Away#
- Report the breach to your fund immediately
- Request a fraud investigation and inquire about reimbursement
- Document everything (login history, email alerts, fund communication)
- Report to external bodies like:
- IDCARE (identity theft support service)
- Scamwatch (to log the incident)
- AFCA (Australian Financial Complaints Authority) for dispute resolution
Read the full article#
Read the full article
Discover why superannuation funds are vulnerable and how regulations, including FSC Standard No. 29, recommend MFA and phishing-resistant authentication.
Read the full articleAlready read by 5,000+ enterprise security leaders.
Enjoyed this read?
🤝 Join our Passkeys Community
Share passkeys implementation tips and get support to free the world from passwords.
🚀 Subscribe to Substack
Get the latest news, strategies, and insights about passkeys sent straight to your inbox.
Share this article
