Toll Group suffered a breach in January 2020 after hackers targeted its cyberinfrastructure with Mailto ransomware.
The trend of hitting companies with ransomware and then leaking their data on the dark web is growing. In a recent incident, the hackers who targeted the Australian logistics firm Toll Group with Mailto ransomware in January 2020 and stole around 200 GB of corporate data have now published it on a dark web platform for corporate leaks.
The group taunted the company for implementing lackluster security measures as its systems were crippled after the ransomware attack.
The hackers posted:
“Toll Group failed to secure their network even after the first attack.” “We have more than 200GB of archives of their private data.”
In an official statement, Toll Group confirmed the incident, saying that investigations were underway and that so far it had learned that the attacker had uploaded some of the stolen data to the dark web via a server infected with the Nefilim ransomware.
The company had already anticipated that the attacker would publish the data after exfiltrating it from its corporate server. This particular server stored details of the company’s employees and the commercial agreements with its former and current enterprise customers.
According to an analysis by Data Breach Today, the files posted on the dark web contain critical corporate data, including drug screening invoices and financial reports.
Toll is currently verifying the true nature of the data that has been published. Once the assessment is complete, the impacted parties will be notified immediately, and the company has pledged to offer maximum support to address their woes.
However, Toll has affirmed that it has not yet paid the demanded ransom. According to Toll Group’s managing director, Thomas Knudsen, this is a condemnable action by the perpetrators, and the company won’t give in to their demands.
“I can assure our customers and employees that we’re doing all we can to get to the bottom of the situation and put in place the actions to rectify it,” stated Knudsen.
The company has successfully managed to bring its systems back online and the My Toll website is functioning normally.