Incident Reported: February 03 2020
Australian Transport Malware Attack February 2020: Toll Group shuts IT systems after ‘cyber security incident’
“as a precautionary measure, Toll has made the decision to shut down a number of systems in response to a suspected cyber security incident.”
Source: Toll Group shuts IT systems after ‘cyber security incident’ | iTnews
Company Breach Statement: Toll IT Systems Update
More reports from: iTnews.
Likely to be published on dark web.
Freight giant Toll Group has shut down “a number” of IT systems due to a “cyber security incident”, with customers reporting shipment tracking is down and drivers are reverting to manual receipts.
Toll Group says it has been hit with a “new variant” of ransomware known as Mailto or Kokoklock, and that samples have been provided to the Australian Cyber Security Centre and other researchers.
The ransomware is believed to have infected as many as 1000 servers, including Active Directory.