SYDNEY, June 10 -- Australian Prudential Regulation Authority issued the following media release:
The Australian Prudential Regulation Authority (APRA) has written to all RSE (Registrable Superannuation Entity) licensee board chairs, reinforcing expectations around information security and the implementation of robust authentication controls.
This action follows recent credential stuffing attacks that exposed persistent weaknesses in authentication practices across the superannuation industry. APRA has reminded entities of their obligations under Prudential Standard CPS 234 Information Security and outlined specific actions to assess and strengthen authentication controls.
APRA expects all RSE licensees to complete a self-assessment of t...