Toll Group confirms "targeted" ransomware attack

By

Does not say what attackers were after.

Toll Group has confirmed it is the victim of a “targeted ransomware attack” that led it to “immediately isolate and disable” IT systems to stop the malware from spreading. 

Toll Group confirms "targeted" ransomware attack

The logistics giant finally posted confirmation of the attack type and customer-facing impact late on Tuesday, having refused to comment to iTnews a day earlier.

Read the latest: Toll Group hit by "new variant" of Mailto ransomware

iTnews reported that as many as 1000 servers in Toll’s data centre had been infected, and that staff had been advised not to turn on machines or try to connect them to the corporate network.

The company said today that it became aware of the issue on Friday 31 January.

“As soon as it came to light, we moved quickly to disable the relevant systems and initiate a detailed investigation to understand the cause and put in place measures to deal with it,” Toll said.

“We’ve been working around the clock since then to mitigate the impact and ensure customers can continue to access services.”

Toll said its parcel processing centres are operating, “albeit at reduced speed in some cases”. It was still accepting pickups booked via phone.

“We’re continuing to meet the needs of many of our customers through a combination of manual and automated processes across our global operations, although some are experiencing delay or disruption,” it said.

Toll said it is working with “relevant authorities” and “the appropriate bodies for criminal investigation”. 

The company said it was specifically targeted by the attackers, but did not say what the attackers were after.

Toll said that “at this stage, [it has] seen no evidence to suggest any personal data has been lost”. 

The company also said that while it understood mounting customer complaints about missing and untrackable deliveries, it needed to focus on securing and cleaning its IT environment.

“While it’s an unfortunate situation, particularly for our customers, we’re committed to ensuring the security of our systems before we resume normal online operations,” Toll said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
attackdata lossransomwaresecuritytoll group

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

First npm worm "Shai-Hulud" released in supply chain attack

First npm worm "Shai-Hulud" released in supply chain attack
"VoidProxy" PhishKit targets Google and Microsoft users

"VoidProxy" PhishKit targets Google and Microsoft users
Actor auth tokens gave Global Admin access across Azure Entra ID tenants

Actor auth tokens gave Global Admin access across Azure Entra ID tenants
NSW gov third party-linked cyber incidents quadruple in two years

NSW gov third party-linked cyber incidents quadruple in two years
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?