After days of uncertainty and complaints from business owners about untraceable packages and missed deliveries, delivery giant Toll Group has admitted it was targeted by a ransomware attack that forced it to disable some of its systems.
Reports began emerging late last week that Toll was experiencing outages and delays, complaints which were subsequently confirmed on Monday when the shipping company said it was in damage control after experiencing a “cyber security incident”.
Then, in a second statement issued on Tuesday afternoon, Toll revealed the breach was malicious, and the company was still working to restore full functionality to its systems.
“We can confirm the cyber security incident is due to a targeted ransomware attack which led to our decision to immediately isolate and disable some systems in order to limit the spread of the attack,” the company said in a statement on its website.
Several Toll distribution centres in Australia have been in manual operation since last Friday as the business “works around the clock” to restore normality, with pick-up, processing and dispatch operations up and running, albeit at “reduced speed” in some cases.
Toll said it had “seen no evidence” to suggest any personal data had been lost.
Good luck. We decided not to push for pickups because we didn’t want the stock disappearing into a black hole. We have a few deliveries from Thursday that are untraceable.
— Scott (@scottstweeting) February 3, 2020
Business owners have been requesting updates on the situation from Toll for the better part of the last week, with some frustrated clients taking to social media to express their disappointment with how their freight partner has handled the incident.
Businesses have taken to social media to complain about pre-recorded call centre messages informing them Toll was experiencing technical difficulties, and an inability to tell their own customers whether their deliveries were secure.
Totally, totally, totally agree. What on earth are we supposed to tell our customers? At least some kind of update or ETA would be common sense!
— Hurtle Gear (@HurtleGear) February 3, 2020
Toll’s online booking system has been temporarily disabled, but the company is advising parcel customers to book deliveries by calling their contact centres.
“We apologise for the disruption that some of our customers are experiencing,” Toll said.
“We’re working with relevant authorities and have referred the matter to the appropriate bodies for criminal investigation.
“In the meantime, we’ll continue to work to our current processes in order to meet the needs of our customers.”
@Toll_Group why are 0 and 1 (not likely to recommend) “not valid answers” on your phone customer experience survey…?
— Venom Brewing (@venombeer) January 31, 2020
As of Tuesday, Toll had not provided a timeframe for when systems will return to normal operations.
“While it’s an unfortunate situation, particularly for our customers, we’re committed to ensuring the security of our systems before we resume normal online operations,” Toll said.
NOW READ: From millions to malware: Cyber attacks in Australia by the numbers
NOW READ: Nine Australian cyber security startups raising money and kicking goals