Australian logistics company Toll Group has confirmed about a ransomware attack on them which occurred last week.
Due to the targeted ransomware attack, the company has decided to immediately isolate and disable some systems in order to limit the spread of the attack.
They moved quickly to mitigate the potential impact and are conducting investigation to restore all of the relevant systems at the earliest.
The company which has more than 40,000 employees has shut down several systems as a precautionary measure, which impacted several of its customer-facing applications.
Toll stated that there is no evidence of any personal data being lost in the security incident.
Due to the attack Toll has to use a combination of manual and automated processes to clear the backlog of undelivered goods the ransomware attack has caused.
The company’s processing centers are continuing to operate pick up, processing and dispatch functions even though some are done at a slower pace.
Toll stated in an update that the ransomware that it fell victim to is a new variant of the Mailto ransomware.
They have shared samples of the relevant variant with law enforcement, the Australian Cyber Security Centre, and cybersecurity organizations to ensure the wider community is protected.
They confirmed that many of their customers are able to access its services across large parts of the network globally including freight, parcels, warehousing and logistics, and forwarding operations. They also assured that its backlog is returning to usual levels with increased staff helping ease the load.