Toll Group’s woes continue with the revelation that the hackers that crippled Toll’s IT systems have stolen and now published data on the dark web.
Toll Group confirmed that data had been stolen from one of their servers in a previous attack but could not yet determine how much or exactly what data had been stolen.
“Our ongoing investigations have established that the attacker has accessed at least one specific corporate server. This server contains information relating to some past and present Toll employees, and details of commercial agreements with some of our current and former enterprise customers.”
The hackers released a note on a notorious leak site claiming that they had downloaded 200GB of Toll’s sensitive data. They also included a compressed archive along with a text file listing documents stolen from Toll, which they described as “part one”.
“Toll Group failed to secure their network even after the first attack. We have more than 200GB of archives of their private data,” the Nefilim hackers claimed
This statement implies that the backdoor exploited from Toll’s first ransomware attack was never properly addressed and was able to be exploited again for the second attack.
This on-going cyber security saga from Toll Group highlights why it’s so important to ensure you’re IT systems are properly secured and process and training are in place for staff members.
Running cyber security audits are essential to uncover any security vulnerabilities that may be present before hackers or anyone with malicious intentions find them. Training staff in cyber security and how to identify scam and phishing emails will also significantly decrease the risk of a wrong click.
Events like these show the on-going impact of cyber attacks, from the crippling of business functions, through to data theft and the negative brand association.