Toll Group has taken some of its IT systems offline after detecting what it called “unusual activity” on some of its servers on Monday morning.
The company confirmed details of the incident to iTnews but said it did not believe the activity was related to an earlier ransomware attack that it took the best part of six weeks to recover from.
Customer-facing systems including MyToll, the portal used by customers to book pick-ups and to view track-and-trace information, are among those taken down.
The company’s contact centres also appear to be offline, with a short recorded message noting that “MyToll is currently experiencing technical difficulties. We are working on restoring all services as soon as possible.”
A Toll Group spokesperson told iTnews the company “detected unusual activity on some of [its] servers” on Monday morning.
“As a precautionary measure, we moved quickly to take various IT systems offline, including the servers in question, while we initiated a full investigation,” the spokesperson said.
“Initial indications suggest that the source of the activity is unrelated to that of the ransomware incident of earlier this year.
“We activated our business continuity plan as soon as we disabled the online systems in question, including instigating manual processes to ensure we can keep services moving for our customers.
“We have been working through the day with certain customers who have been impacted.”
Several independent sources told iTnews that the company was experiencing another security incident, although its nature had been unclear for much of the day.
It is Toll Group’s second IT security incident this year, after the company was hit with a “targeted ransomware attack” in late January.
The timing of this latest incident is likely to be particularly damaging, given it comes as Australians are relying more heavily on couriers to deliver goods purchased online, with many bricks-and-mortar stores still closed due to the COVID-19 pandemic.