Delivery giant Toll Group hit by ransomware attack, leaving small business owners frustrated over “untraceable” parcels

Toll Group

After days of uncertainty and complaints from business owners about untraceable packages and missed deliveries, delivery giant Toll Group has admitted it was targeted by a ransomware attack that forced it to disable some of its systems.

Reports began emerging late last week that Toll was experiencing outages and delays, complaints which were subsequently confirmed on Monday when the shipping company said it was in damage control after experiencing a “cyber security incident”.

Then, in a second statement issued on Tuesday afternoon, Toll revealed the breach was malicious, and the company was still working to restore full functionality to its systems.

“We can confirm the cyber security incident is due to a targeted ransomware attack which led to our decision to immediately isolate and disable some systems in order to limit the spread of the attack,”  the company said in a statement on its website.

Several Toll distribution centres in Australia have been in manual operation since last Friday as the business “works around the clock” to restore normality, with pick-up, processing and dispatch operations up and running, albeit at “reduced speed” in some cases.

Toll said it had “seen no evidence” to suggest any personal data had been lost.

Business owners have been requesting updates on the situation from Toll for the better part of the last week, with some frustrated clients taking to social media to express their disappointment with how their freight partner has handled the incident.

Businesses have taken to social media to complain about pre-recorded call centre messages informing them Toll was experiencing technical difficulties, and an inability to tell their own customers whether their deliveries were secure.

Toll’s online booking system has been temporarily disabled, but the company is advising parcel customers to book deliveries by calling their contact centres.

“We apologise for the disruption that some of our customers are experiencing,” Toll said.

“We’re working with relevant authorities and have referred the matter to the appropriate bodies for criminal investigation.

“In the meantime, we’ll continue to work to our current processes in order to meet the needs of our customers.”

As of Tuesday, Toll had not provided a timeframe for when systems will return to normal operations.

“While it’s an unfortunate situation, particularly for our customers, we’re committed to ensuring the security of our systems before we resume normal online operations,” Toll said.

NOW READ: From millions to malware: Cyber attacks in Australia by the numbers

NOW READ: Nine Australian cyber security startups raising money and kicking goals


Notify of
Inline Feedbacks
View all comments
SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: or call the hotline: +61 (03) 8623 9900.