Here the Netfilim ransomware operators continue the data leak of The Toll Group Australia by posting the part of the data leak on their blog website.

The Toll Group Australia was been established in the year 1888 by Albert Toll. With over 125 years’ experience, Toll Group, proudly part of Japan Post, operates an extensive global logistics network across 1,200 locations in more than 50 countries. Our 40,000 employees provide a diverse range of transport and logistics solutions covering road, air, sea, and rail to help our customers best meet their global supply chain needs.  The Toll Group is an Australian transportation and logistics company with operations in road, rail, sea, air, and warehousing. It has three divisions; Global Express, Global Forwarding, Global Logistics. It is a subsidiary of Japan Post Holdings. Toll Global Express is a logistics and transportation division of the group. In 2012 it had plans to extend its compressed natural gas-powered fleet to more than 70 trucks. In 2014 it announced a $150-million, 71,000-square-metre, parcel-sorting center near Melbourne Airport, to be built in partnership with Australia Pacific Airports.

Based on the information leaked, it appears that the negotiation between the ransomware operators and the Toll Group has once again failed, which made them leak part 2 of their confidential data. This data leak seems to be another warning for the company to accept the terms of the ransomware operators, otherwise more data leaks of the company might be published soon.

Below is the message been posted by the Netfilim Ransomware Operators-:

The Cyble Research Team has verified the data leak of around 5GB. The data leak includes multiple documents containing sensitive information of the well-known South Korean multinational conglomerate named as Samsung. Below is the snapshot of the directory listing of the sensitive files being leaked by the Netfilim ransomware operators.

As per Cyble’s researchers, more parts of data leak may be leaked online if the terms of the ransomware operators are not been fulfilled.

We recommend people to:

  • Never share personal information, including financial information over the phone, email or SMSs
  • Use strong passwords and enforce multi-factor authentication where possible
  • Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
  • Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
  • Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
  • People who are concerned about their exposure in darkweb can register at to ascertain their exposure.

About Cyble:

Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks

Scroll to Top