Toll hit by cyber attack….again
TRANSPORT AND LOGISTICS GIANT TOLL GROUP has suffered its second ransomware attack this year – confirming last month that data had been stolen in the latest cyber attack.
The Australian-based company revealed the second breach of its IT system’s security this year in a statement on May 5 – but said then that security experts had found no evidence at that point “to suggest that any data has been extracted from our network.”
However, a week later, it confirmed that the attackers had accessed “at least one specific corporate server” in its IT system – and had “downloaded some data stored…”
Adding that the company was “in the process of identifying the specific nature of that information.
“This server contains information relating to some past and present Toll employees, and details of commercial agreements with some of our current and former enterprise customers.”
Toll said it had “refused from the outset to engage with the attacker’s ransom demands, which is consistent with the advice of cyber security experts and government authorities.”
The company reportedly suffered disruption to its IT operations for more than a month after a late January cyber attack, said to have been the work of Russian hackers.
In last month’s cyber attack,Toll said that “a relatively new form of ransomware known as Nefilim” was used and added: “This is unrelated to the ransomware incident we experienced earlier this year.”
Toll said that the May attacker “is known to publish stolen data to the ‘dark web.’ This means that, to our knowledge, information is not readily accessible through conventional online platforms. Toll is not aware at this time of any information from the server in question having been published.”
It’s not known whether any of the stolen data involves Toll Group’s customers or staff in New Zealand, but the company said it is working with the Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP) on the latest hack.
Toll Group managing director Thomas Knudsen described the most recent attack as “an unscrupulous act.”
And he added that cyber crime poses “an existential threat for organisations of all sizes, making it more important than ever for business, regulators and government to adopt a united effort in combating the very real risk it presents the wider community.
“We condemn in the strongest possible terms the actions of the perpetrators. This is a serious and regrettable situation and we apologise unreservedly to those affected. I can assure our customers and employees that we’re doing all we can to get to the bottom of the situation and put in place the actions to rectify it,” he said.
Toll said that, given the technical and detailed nature of the analysis in progress, it expects that it will “take a number of weeks to determine more details.
“We have begun contacting people we believe may be impacted and we are implementing measures to support individual online security arrangements.”
Toll has not disclosed whether the data stolen involves any of its New Zealand business