iTnews

Toll Group tight-lipped on alleged ransomware attack

By Ry Crozier on Feb 4, 2020 6:57AM
Toll Group tight-lipped on alleged ransomware attack

May have infected over 1000 servers.

Toll Group is staying tight-lipped on what appears to be a large-scale ransomware attack that has infected a sizable part of its IT infrastructure.

The logistics giant first reported that it was suffering from the effects of a “cyber security incident” on Friday last week.

That continued into this week with pickup and tracking systems, including its MyToll portal, offline. 

Read the latest: Toll Group hit by "new variant" of Mailto ransomware

A support line for MyToll reached by iTnews on Monday afternoon said it was “closed” and to email instead.

The company said in a statement that “as a precautionary measure, in response to a cybersecurity incident on Friday, Toll deliberately shut down a number of systems across multiple sites and business units.”

“Toll IT teams are working closely with global cyber security experts to resolve the issue,” it said.

“Our immediate focus is on bringing our systems back online in a controlled and secure manner.”

A source with knowledge of the incident told iTnews that the company has been hit with a sizable ransomware infection that is impacting global operations.

The source said that over 1000 servers had been infected, and that staff worldwide had been told to leave desktops and laptops switched off and disconnected from the corporate network.

The source said Active Directory, productivity and corporate VPN applications were among those infected and taken offline.

This appears to mesh with other reports of the incident sighted by iTnews, which claimed ransomware had infected systems in Toll’s main data centre; that the company had no IT systems operating; and that it was in the process of manually cleaning servers in an effort to bring them back online.

iTnews put its understanding of the incident to Toll Group’s media representatives on Monday. 

The company responded with a prepared statement that did not address any of the points.

It did not further respond to follow-up emails and calls made to several media representatives.

Toll Group’s IT operating model includes a sizable workforce outsourced to Infosys.

An Australian spokesperson for Infosys declined to comment on the incident, including whether its teams were involved in the recovery.

“As a matter of corporate policy, Infosys does not comment on client matters,” its spokesperson said.

Toll said it was “making progress” in its recovery efforts.

“Staying focused on customers remains at the forefront of Toll’s priorities as we restore our services and we sincerely apologise for any inconvenience caused,” it said.

“We want to thank our customers for their patience and support.”

Ransomware has been back in the spotlight in the early part of 2020 with high-profile attacks such as on foreign exchange firm Travelex, which took the best part of a month to recover from. Travelex has refused to say publicly if it paid the $9 million ransom or not.

Total losses from malware can be much more substantial, however. A Petya malware infection cost fellow logistics firm TNT Express $374 million, while staff at law firm DLA Piper put in 15,000 hours of overtime to recover from an encounter with the same piece of malware.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
attack cyber infection ransomware security toll group

Partner Content

Setting a path to self-funded mainframe-to-cloud modernisation with Micro Focus
Promoted Content Setting a path to self-funded mainframe-to-cloud modernisation with Micro Focus
Improving returns from SD-WAN spending
Partner Content Improving returns from SD-WAN spending
Four data superpowers to harness before 2022
Promoted Content Four data superpowers to harness before 2022
As Australian companies lean more heavily on the cloud, edge security is finding its stride
Partner Content As Australian companies lean more heavily on the cloud, edge security is finding its stride

Sponsored Whitepapers

Encryption: Protect your most critical data
Encryption: Protect your most critical data
Overcoming data security challenges in a hybrid, multicloud world
Overcoming data security challenges in a hybrid, multicloud world
Move beyond passwords
Move beyond passwords
The top 5 tech trends to deliver business outcomes
The top 5 tech trends to deliver business outcomes
10 reasons why businesses need to invest in cloud security training
10 reasons why businesses need to invest in cloud security training

Events

  • On-Demand Webinar: How Poly and Microsoft are Embracing Future Work Environments
By Ry Crozier
Feb 4 2020
6:57AM
0 Comments

Related Articles

  • Toll Group unveils year-long 'accelerated' cyber resilience program
  • Lion warns of beer shortages after cyber attack
  • Toll reintegrates with customers' IT systems after ransomware attack
  • CD Projekt hit by cyber attack
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

TPG Telecom to start enticing NBN customers to move

TPG Telecom to start enticing NBN customers to move

Infosys scores another $40m for Centrelink payments engine build

Infosys scores another $40m for Centrelink payments engine build

Telstra InfraCo opens up telco's own fibre network

Telstra InfraCo opens up telco's own fibre network

Transport for NSW data stolen in Accellion breach

Transport for NSW data stolen in Accellion breach

You must be a registered member of iTnews to post a comment.
Log In | Register
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.