Australian transport and logistics company Toll Group has suffered a second cyber attack in the space of just three months.
Toll confirmed today it was the victim of a cyber attack last week involving ransomware known as Nefilim.
After detecting this attack, Toll shut down its IT systems to mitigate the risk of further infection. Toll refused to engage with the attacker’s ransom demands.
The attacker accessed at least one specific corporate server which contains information relating to some past and present Toll employees, and details of commercial agreements with some of its current and former enterprise customers. The attacker downloaded some data stored on the corporate server, likely to be published on the dark web.
Toll said today it is working with the Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP) to resolve the issue.
“This a serious and regrettable situation and we apologise unreservedly to those affected,” Thomas Knudsen, Toll group managing director, said today.
Knudsen said cyber crime posed “an existential threat for organisations of all sizes, making it more important than ever for business, regulators and government to adopt a united effort in combatting the very real risk it presents the wider community”.
In February this year Toll had to shut down a number of systems in response to another cyber security attack.
Toll Group owns a fleet of seven vessels, made up of four roros, a general cargo vessel, an MPP and an anchor handling tug supply vessel.