Toll Group confirms "targeted" ransomware attack

By

Does not say what attackers were after.

Toll Group has confirmed it is the victim of a “targeted ransomware attack” that led it to “immediately isolate and disable” IT systems to stop the malware from spreading. 

Toll Group confirms "targeted" ransomware attack

The logistics giant finally posted confirmation of the attack type and customer-facing impact late on Tuesday, having refused to comment to iTnews a day earlier.

Read the latest: Toll Group hit by "new variant" of Mailto ransomware

iTnews reported that as many as 1000 servers in Toll’s data centre had been infected, and that staff had been advised not to turn on machines or try to connect them to the corporate network.

The company said today that it became aware of the issue on Friday 31 January.

“As soon as it came to light, we moved quickly to disable the relevant systems and initiate a detailed investigation to understand the cause and put in place measures to deal with it,” Toll said.

“We’ve been working around the clock since then to mitigate the impact and ensure customers can continue to access services.”

Toll said its parcel processing centres are operating, “albeit at reduced speed in some cases”. It was still accepting pickups booked via phone.

“We’re continuing to meet the needs of many of our customers through a combination of manual and automated processes across our global operations, although some are experiencing delay or disruption,” it said.

Toll said it is working with “relevant authorities” and “the appropriate bodies for criminal investigation”. 

The company said it was specifically targeted by the attackers, but did not say what the attackers were after.

Toll said that “at this stage, [it has] seen no evidence to suggest any personal data has been lost”. 

The company also said that while it understood mounting customer complaints about missing and untrackable deliveries, it needed to focus on securing and cleaning its IT environment.

“While it’s an unfortunate situation, particularly for our customers, we’re committed to ensuring the security of our systems before we resume normal online operations,” Toll said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Melbourne dev finds gift card PINs can be brute-forced

Melbourne dev finds gift card PINs can be brute-forced

"Widespread data theft" hits Salesforce customers via third party

"Widespread data theft" hits Salesforce customers via third party

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Zero-click Apple and WhatsApp bug combo used to drop gov spyware

Western Sydney University targets file-sharing sites hosting stolen data

Western Sydney University targets file-sharing sites hosting stolen data

Log In

  |  Forgot your password?