Toll first became aware of the attack on 31 January.
“We received a targeted ransomware attack which led to our decision to immediately isolate and disable some systems in order to contain the spread of the attack,” Toll said in a statement on its website.
“We moved quickly to mitigate the potential impact and we’re undertaking a detailed investigation with a view to restoring all of the relevant systems as soon as possible. In the meantime, we’ve introduced manual systems where required to ensure we can continue to meet the needs of our customers.”
Ransomware is a form of malware that holds computer systems hostage and demands payment, usually in the form of cryptocurrencies. Several firms have been on the receiving end of ransomware attacks before, most notably global logistics company Maersk, which was crippled by an attack originating in Ukraine and believed to be the work of the Russian military. That attack wound up costing Maersk almost $300 million.
Toll is the main logistics partner of the Royal Australian Navy.
While the company continues to process and dispatch orders for parcel customers (albeit at reduced speed) most other operations are now operating on manual systems based. Toll does not believe the personal data of any customers has been compromised.
“Toll is making progress with our recovery activities to restore our systems and Toll customer-facing applications,” the company said in a statement.
“Our immediate focus is on bringing our systems back online in a controlled and secure manner. Business continuity plans have been activated to maintain customer service and operations.”
The attack also comes just weeks after user data was stolen from Travelex, the world’s largest currency exchange, and held to ransom for US$6 million.