Firm moves to reassure customers while disruptions are still in effect
Toll Group confirms it was the subject of a targeted ransomware attack, which has now been referred to authorities for a criminal investigation, adding there is no evidence personal data has been compromised.
In an update on the firm’s website on Tuesday, Toll explains it became aware of the issue on Friday January 31, causing it to isolate and disable certain systems to contain the spread of the attack.
It notes it is still undertaking a detailed investigation with a view to restoring all of the relevant systems as soon as possible.
It is utilising a combination of manual and automated processes across its global operations.
For example, its online booking platform is temporarily disabled, but for parcels customers its contact centres are still processing deliveries.
How the issue of Toll’s cyber incident came to light, here
Other operations are operating on manual systems based on Toll’s business continuity plans.
“We moved quickly to mitigate the potential impact and we’re undertaking a detailed investigation with a view to restoring all of the relevant systems as soon as possible.
“In the meantime, we’ve introduced manual systems where required to ensure we can continue to meet the needs of our customers.”
It adds that, at this stage, there is no evidence to suggest any personal data has been lost.
“While it’s an unfortunate situation, particularly for our customers, we’re committed to ensuring the security of our systems before we resume normal online operations,” the company says.
“We’re working with relevant authorities and have referred the matter to the appropriate bodies for criminal investigation.
“We’re continuing to undertake a thorough investigation and we’re working around the clock to restore normal services at the earliest opportunity.
“We’ll continue to provide updates as we securely bring our systems back online.”