U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Toll Group shuts down some online systems after ransomware attack

The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services. The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to the incident the company has shut down some of its online services. The Toll Group is an […]

Reynolds ransomware uses BYOVD to disable security before encryption ransomware

The Australian transportation and logistics giant Toll Group has suffered a ransomware attack that forced it to shut down part of its services.

The Australian transportation and logistics giant Toll Group was victim of a ransomware attack, in response to the incident the company has shut down some of its online services.

The Toll Group is an Australian transportation and logistics company with operations in road, rail, sea, air, and warehousing, it is a subsidiary of Japan Post Holdings and has over 44,000 employees.

The attack was discovered on January 31 when the internal staff detected a piece of ransomware on its systems. In order to mitigate the threat, the personnel isolated some systems to avoid malware propagation and potential data.

The company published a security breach notice on its website the same day, but it provided further details some days later.

“As a result of our decision to disable certain systems following a recent cyber security threat, we’re continuing to meet the needs of many of our customers through a combination of manual and automated processes across our global operations, although some are experiencing delay or disruption. For our parcels customers, all of our processing centres are continuing to operate including pick up, processing and dispatch albeit at reduced speed in some cases.” reads a data breach notification published by the company on its website.

“We can confirm the cyber security incident is due to a targeted ransomware attack which led to our decision to immediately isolate and disable some systems in order to limit the spread of the attack.”

The company declared that it has seen no evidence to suggest any personal data has been exfiltrated. The Toll Group has reported the incident to the authorities, an investigation is still ongoing.

While the systems were off-line, the customers were not able to track their shipments.

The company confirmed that the attack was targeted, but at the time it is unclear what ransomware family infected the systems at the Toll Group.

Toll Group is currently working on restoring affected systems, it is only accepting orders via phone.

“We’re working with relevant authorities and have referred the matter to the appropriate bodies for criminal investigation. In the meantime, we’ll continue to work to our current processes in order to meet the needs of our customers.” continues the company.

“For our parcels customers, all of our processing centres are continuing to operate including pick up, processing and dispatch albeit at reduced speed in some cases,” “Most other Toll operations are continuing to operate on manual systems based on our business continuity plans.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Toll Group, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]