Toll Group

In 2020, global logistics provider Toll Group was targeted by the Nefilim ransomware operation, resulting in a complete network breach. Attackers gained unauthorized access to corporate systems, exfiltrated sensitive operational and financial data, and deployed AES-128 encryption across critical servers and workstations, appending the ".NEFILIM" extension to affected files. The disruption forced Toll Group to halt certain shipping and freight operations temporarily, incurring significant revenue losses and logistical delays. Stolen data included client manifests, internal financial reports, and employee records, which the attackers threatened to publish on dark-web leak sites unless a bitcoin ransom was paid. Although Toll Group engaged cybersecurity experts to isolate infected segments, restore backups, and negotiate with the threat actors, remediation costs—including incident response, system recovery, legal fees, and potential regulatory fines—exceeded tens of millions of dollars. The breach also damaged the company’s reputation, prompting customers to seek alternative logistics partners amid concerns over data confidentiality and service resilience.

Source: https://www.bleepingcomputer.com/news/security/ukrainian-extradited-to-us-for-nefilim-ransomware-attacks/

"id": "job001050225",
"linkid": "jobs",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"