Australian retirement savings provider Super SA reports third-party data breach

Super SA, a South Australian government-owned superannuation provider, has reported a data breach originating from a "former external service provider," affecting member data within its superannuation schemes for South Australian public sector employees.

The breached data originates from an outsourced call center operation involved in a previous cyber security cleanup effort in 2019.

Superannuation is a retirement savings system used in countries like Australia, aimed at helping individuals build financial security for their retirement years. In this system, both employers and employees make contributions to a designated superannuation fund, often with favorable tax treatment.

The breach notification provides limited details, indicating that a "small cohort of members" may have been impacted by a cyber security incident. Super SA is taking proactive measures to secure member accounts, although it remains uncertain whether any of the Super SA data has been accessed.

While no suspicious activity has been detected on member accounts thus far, Super SA has heightened its identity theft monitoring and controls for potentially affected individuals since being informed of the incident.

SuperSA have delayed the public disclososure of the incident, which is reported almost two months after its initial discovery.