Beware of Bush Fire SCAMS
Facebook knows a lot about your online habits – here’s how to stop it
Show all

Toll Group tight-lipped on alleged ransomware attack

May have infected over 1000 servers.

Toll Group is staying tight-lipped on what appears to be a large-scale ransomware attack that has infected a sizable part of its IT infrastructure. The logistics giant first reported that it was suffering from the effects of a “cyber security incident” on Friday last week. That continued into this week with pickup and tracking systems, including its MyToll portal, offline. 

A support line for MyToll reached by iTnews on Monday afternoon said it was “closed” and to email instead. The company said in a statement that “as a precautionary measure, in response to a cybersecurity incident on Friday, Toll deliberately shut down a number of systems across multiple sites and business units.”

“Toll IT teams are working closely with global cyber security experts to resolve the issue,” it said. “Our immediate focus is on bringing our systems back online in a controlled and secure manner.” A source with knowledge of the incident told iTnews that the company has been hit with a sizable ransomware infection that is impacting global operations.

The source said that over 1000 servers had been infected, and that staff worldwide had been told to leave desktops and laptops switched off and disconnected from the corporate network. The source said Active Directory, productivity and corporate VPN applications were among those infected and taken offline.

This appears to mesh with other reports of the incident sighted by iTnews, which claimed ransomware had infected systems in Toll’s main data centre; that the company had no IT systems operating; and that it was in the process of manually cleaning servers in an effort to bring them back online.

Toll Group’s IT operating model includes a sizable workforce outsourced to Infosys. An Australian spokesperson for Infosys declined to comment on the incident, including whether its teams were involved in the recovery. “As a matter of corporate policy, Infosys does not comment on client matters,” its spokesperson said.

Toll said it was “making progress” in its recovery efforts. “Staying focused on customers remains at the forefront of Toll’s priorities as we restore our services and we sincerely apologise for any inconvenience caused,” it said.