A threat actor claims to have breached SuperEd, a financial technology company specializing in digital retirement advice solutions for the Australian superannuation industry. The company’s platform empowers super funds to deliver scalable, compliant, and personalized retirement services.
The breach, which the actor claims occurred in September 2025, involves the leak of a database allegedly belonging to the company. The data has been made available for free on a dark web forum.
According to the actor, the compromised data is a 1.5 GB SQL database. The leaked table structures suggest that the compromised information could include sensitive details on company prospects. The allegedly compromised data includes:
- Full names
- Phone numbers (home, mobile, and work)
- Physical addresses
- Email addresses
- Internal user and team IDs
