AAS Investigates Alleged Theft of Tax and Super Records

AAS Investigates Alleged Theft of Tax and Super Records

Shivangi
Jul 16, 2026 11:53 AM IST
Category News

Synopsis

The Sydney-based accounting services provider is the latest Australian organisation targeted in a wave of cyberattacks.

01
Chapter one

Key Highlights

  • More than 33,900 records were reportedly stolen from Accounting and Adviser Services (AAS).
  • The alleged leaked data contains tax file numbers TFNs, SMSF specifics, portfolio valuations and personal information.
  • Cybersecurity experts warned that the combination of financial data makes a “complete financial blueprint” for scammers. 

More than 33,960 tax file numbers (TFNs), superannuation and monetary information have allegedly been stolen in a data breach by bookkeeping supplier Accounting and Adviser Services Pty Ltd (AAS) otherwise called AA Solutions.

In a post on an underground hacking forum, the threat actor who goes by the name “2019” claimed to have breached the forum and advertised three datasets up for sale with a price tag in Bitcoin and other cryptocurrencies.

AAS is a Sydney-based bookkeeping firm that offers services in Tax, SMSF administration and Investment and Portfolio administration.

02
Chapter two

Financial Data Allegedly Exposed

Sensitive data was claimed to be part of the breach, such as client and business names, residential and work addresses, email addresses, phone numbers, tax file numbers, portfolio worths, risk profiles, SMSF information, trustee information, account manager, adviser ID No, and other records, 

The hacker also posted examples of plain-text excerpts that seemingly name multiple accountants, consultants and SMSF members and directors from around New South Wales/Melbourne.

That combination of TFNs, SMSF trustee information, portfolio values and risk profiles provided fraudsters with a granular overview of an individual’s finances which could be exploited for sophisticated impersonation-style scams, cybersecurity firm Guardware said.

03
Chapter three

Experts Urge Immediate Action

Guardware CEO and co-founder Rizwan Mahmood cautioned that the financial information it claims was exposed “does not expire,” so those affected could be at risk for years.

He advised those whose TFN or superannuation details can be at risk to contact the Australian Taxation Office (ATO) for further identification measures and measures that might change their TFN as could be affected.

He also suggested changes to myGov credentials, the implementation of two-factor authentication, checking with SMSF trustees for account activity and being wary of unsolicited calls or emails from people saying they are from the ATO or a super fund.

04
Chapter four

A hacker behind many Australian data breaches

Since February, the threat actor dubbed “2019” has been behind alleged data breaches impacting 26 different Australian organisations.

Before AAS, the most recent alleged target of the group was Lifeline, which reported a data incident after limited staff and volunteers appeared online on the dark web. Lifeline said some of the information released seemed to have been manipulated.

Centrelink also denied that more than 2,100 records from its systems had been taken by the hacker in June.

The threat actor hasn’t been identified and doesn’t fit with any particular nation-state or hacking group, Information Age reports. Cybersecurity experts say authorities are trying to find out who was responsible but warned that any data already shared is “lost”.

Source: Information Age 


Written by Shivangi

At Inspirepreneurs Magazine, covering entrepreneurship, business failures, and the human stories behind the world's most ambitious founders. She writes at the intersection of strategy and storytelling.