Delivery giant Toll Group has admitted to falling victim to a “targeted ransomware attack”, which led to its decision to disable its systems at multiple sites and business units, causing widespread delays and disruptions.
Australian businesses have taken to social media to vent their frustrations over delivery disruptions following Toll Group’s decision to shut down some of its systems in response to a cyber attack.
“As a precautionary measure, in response to a cyber security incident on Friday, Toll deliberately shut down a number of systems across multiple sites and business units,” Toll said earlier this week.
The Australian logistics company explained that it became aware of the issue on Friday, 31 January, and moved quickly to disable the relevant systems and initiate a detailed investigation to understand the cause and put in place measures to deal with it.
“We’re working with relevant authorities and have referred the matter to the appropriate bodies for criminal investigation. In the meantime, we’ll continue to work to our current processes in order to meet the needs of our customers.”
In an update on Wednesday, Toll Group informed that many of its customers are now able to access its services across large parts of the network globally including freight, parcels, warehousing and logistics, and forwarding operations.
“Based on a combination of automated and manual processes instituted in place of the affected IT systems, freight volumes are returning to usual levels. We have also increased staffing at our contact centres to assist with customer service,” Toll said.
“Notwithstanding the fact services are being provided largely as normal, some customers are experiencing delays or disruption, and we’re working to address these issues as we focus on bringing our regular IT systems back online securely.”
The company disclosed that it was attacked by a new variant of the Mailto ransomware and that the Australian Cyber Security Centre has been informed.
“There continues to be no indication that any personal data has been lost as a result of the ransomware attack on our IT systems. We continue to monitor this as we work through a detailed investigation,” Toll said.