Toll Cyber Incident Fallout
The Australian logistics company Toll encountered an “IT Cybersecurity Attack,” causing a range of customer-facing systems to become unavailable through the recovery phase. A Toll spokesperson disclosed on Sunday that the business needed to take up to five-hundred software applications offline, many of which funded its international operations, spanning twenty-five countries.
People have taken to social media to complain publicly that the customer service department of Toll has received minimal information and made promises of expected delivery that have failed to happen. According to The Australian Financial Review, the spokesperson said, “From the outset, we’ve prioritised customer-facing and other critical systems. We now have many of our customers back online and operating essentially as normal, including through large parts of our global cargo-forwarding network and across our logistics warehouse operations around the world. And, we’re progressively reactivating full services on the MyToll parcels booking and tracking portal”
Toll confirmed earlier this month that they had collaborated with cybersecurity companies to help identify and respond to the incident, and had been working with the Australian Cyber Security Centre (ACSC). The ACSC advised on the 6 February 2020, that they were aware of the recent Mailto/Kazakavkovsky ransomware attacks, which has been identified as causing the incident at Toll. The ACSC issued a Mailto advisory note, stating that it had released a so-called ransomware hash – an identifier that other organizations can use to check their systems and get warning notifications if it is detected on the network.
Although not publicised, the immediate financial impact to the business will be devastating, with some commentators suggesting it will run into the tens of millions of dollars. The reputational fallout will likely be more devastating, and certainly harder to measure, but consumer sentiment and commentary suggests it will hit them hard and fast in the wake of the incident.