Toll Group has admitted fears that personal and commercial information may now be floating on the ‘dark web’ following a major cyber breach.
The logistics company was hit by its second cyber attack in the space of five months when a ransomware called ‘Nefilim’ brought its systems down last week.
In an update to customers, Toll confirmed the hackers accessed at least one specific corporate server and have downloaded some data contained on it.
According to the company, the server information concerns some past and present Toll employees plus details of commercial agreements with some of our current and former enterprise customers.
“The attacker is known to publish stolen data to the ‘dark web’,” Toll said in a statement. “This means that, to our knowledge, information is not readily accessible through conventional online platforms.”
However, the company stressed it was “not aware at this time” of any information from the server in question having been published.
The Australian Cyber Security Centre (ACSC) and the Australian Federal Police (AFP) are now working with Toll to investigate the incident as the company determines its regulatory disclosure obligations.
Toll Group managing director Thomas Knudsen said the company was the victim of an “unscrupulous act”.
“We condemn in the strongest possible terms the actions of the perpetrators. This a serious and regrettable situation and we apologise unreservedly to those affected. I can assure our customers and employees that we’re doing all we can to get to the bottom of the situation and put in place the actions to rectify it”, he said.
Toll expects that it will take a number of weeks to determine more details and is now contacting people who may be affected.
Both cyber attacks have impacted a number of deliveries in and around Australia.
In its recent results update, Kogan claimed an unnamed delivery partner was hit by a cyber attack, which forced it to use another company during the disruption.
While Kogan has been careful not to name the delivery partner that was affected, Toll, was hit by a ransomware attack at the end of January, with the company reporting on 18 March that its core services had finally returned to normal.
Meanwhile on Friday, Telstra has told customers that the ransomware attack on Toll was causing delays to its orders, alongside disruption caused by the COVID-19 pandemic.