Posted on February 5, 2020 at 1:02 PM

Recent Attack on Toll Group Forces Company to Shut Down Some Operations

Toll Group, Australian logistics and transportation giant were recently attacked by hackers who infiltrated the company’s system with ransomware. As a result, it has shut down some of its services online until it patches up the breach.

The Toll Group is a subsidiary of Japan Post Holdings, with operations in warehousing, air, sea, rail, and road transport. Currently, it has more than 44,000 workers under its payroll.

The internal staff of the company discovered the attack on 31st January when he saw a piece of ransomware on the systems. To deal with the attack, the personnel decided to isolate some of the systems. However, the affected systems will be blocked until they are patched and declared safe.

The same day, Toll Group announced the breach on its website, but additional details were given a few days later.

Toll Group still committed to great service delivery 

The company said it still wants to serve its customers well, which is the reason it disabled some of the systems that were affected. It stated that there is an ongoing process to mitigate the breach.

It’s continuing to meet the needs and demands of its customers through a combination of automated and manual processes across its global operations, the company stated. While there are still some delays and disruptions in certain cervices, Toll Group hopes to restore complete services as soon as possible.

The company reiterated that its parcel customers do not have issues as all its processing centers are in operation, although not at full capacity yet. Anyone who wants to dispatch, process, or pick up can do so without any issues, Toll Group reiterates.

Incidence is a result of targeted ransomware

Toll Group has confirmed that the attack was caused by targeted ransomware that took advantage of some unpatched modules in the systems. In reaction, it has already disabled and isolated some of the systems that are affected and other ones vulnerable to attack. However, there is no evidence yet to suggest there has been the infiltration of personal data.

As the company keeps making progress towards the complete recovery of the systems, it will keep updating customers on the expected full recovery timeframe. It says it will continue to give updates on the situation until all services and applications are restored.

Customers could not track their shipment when the systems were offline, but as service gradually resumes, online tracking will now be available.

Some Toll customers expressed their disappointment

Some customers have expressed their disappointment over the situation, as some said it has been several days and they have not been able to lodge in their shipment details. Another customer expressed his disappointment on the company’s twitter page.

He said he has called Toll Group 4 times regarding tracking his shipment but the company has not given a favorable response. He pointed out that hackers can succeed in taking down the public data, but it is a huge disappointment from the company’s perspective if the staff cannot access the tracking database.

Also, it seems the issue will not be resolved as quickly as many expect because the type of ransomware used in the attack is still no known. According to some customers, the company needs to find out the type of ransomware responsible for the attack before it could proffer mitigation solutions.

As the Toll Group is still trying to restore its systems, it only accepts orders through phone. The company said it is seriously working with the right law enforcement agencies and security outfits to make sure that the matter is resolved quickly.

It also pointed out that the matter has been reported to law enforcement authorities to carry out their criminal investigation. Currently, Toll Group will continue working with the limited systems it has. The limited service will continue until after all patches have been made, Toll Group concludes.