Australian courier company Toll has shut down several of its key systems after receiving a targeted ransomware attack.
Toll Group is an Australian transportation and logistics company with operations in road, rail, sea, air and warehousing. It has three divisions; Global Express, Global Forwarding, Global Logistics. It is a subsidiary of Japan Post Holdings. According to a report, the company delivers 95 million items around the globe every year, including United States travel documents to Australians.
As a precautionary measure, in response to the cybersecurity incident, Toll deliberately shut down a number of systems across multiple sites and business units. The company said Toll IT teams were working closely with global cybersecurity experts to resolve the issue.
“Our immediate focus is on bringing our systems back online in a controlled and secure manner. Business continuity plans have been activated to maintain customer service and operations,” said the company. Although they are still investigating, Toll said there was no evidence to suggest any personal data has been lost.
Toll later issued an update, noting that the ransomware that affected their systems is a new variant of the Mailto ransomware. “We have shared samples of the relevant variant with law enforcement, the Australian Cyber Security Centre, and cybersecurity organizations to ensure the wider community is protected. There continues to be no indication that any personal data has been lost as a result of the ransomware attack on our IT systems. We continue to monitor this as we work through a detailed investigation,” noted the company.