Update 7 April 2025
Cbus has reported to APRA an unusually high spike in log-in attempts which occurred several days after the cyber-attack that impacted other super funds.
At this stage of our inquiries, there is no evidence that any financial losses have occurred for Cbus members.
The unusually high spike in log-in attempts coincided with a time of significant market volatility potentially causing increased member engagement.
Out of an abundance of caution, the fund is investigating a small number of accounts that may have been impacted including accounts where multi-factor authentication was triggered in the hours before and after the spike event. These accounts were pro-actively deactivated, and the members are being contacted.
The incident was reported to APRA on the weekend and has been reported to the Australian Cyber Security Centre. The fund is continuing to investigate this event with our cyber security partners.
This cyber-incident occurred several days after the reported attack impacting several other super funds. It is not clear if the incident is related to the other attacks and investigations are continuing.
We are constantly monitoring for threats to help ensure the safety of our members.
Due to higher-than-usual traffic, some members may experience intermittent issues with the Cbus App and Cbus Member Portal, as well as longer wait times for phone calls.
We apologise for the inconvenience and are working hard to restore services as quickly as possible.
Learn how to be on alert for super scams.