Many of Toll’s services are back online after disruptions caused by the group isolating its systems to prevent the spread of a “targeted malware” attack the company suffered on January 31.

A spokesperson for the company told Investor Daily that the ransom demand “does not specify a specific figure” but only provided contact details for Toll to arrange the ransom payment.

“We have not made contact with the attackers and have no intention of engaging,” the spokesman said.

"We are treating it as a criminal case and as such we have referred it to the appropriate authorities." We believe that our decision not to comply with the attacker's demands is a responsible and appropriate course of action for our business and as a leader in the wider logistics sector – we do not want to encourage this type of attack on other businesses.”

Toll also revealed that the malware in question is a new variant of the "mailto" ransomware. The Mailto ransomware locks the affected files in an unusable "mailto" format. It is unclear whether files can actually be recovered after they have been encrypted.

"We have shared samples of the relevant variant with law enforcement, the Australian Cyber ​​Security Center and cyber security organizations to ensure the wider community is protected," Toll said in a statement.

“There continue to be indications that any personal data has been lost as a result of the ransomware attack on our IT systems. We are continuing to monitor this as we work on a detailed investigation.”

Several other businesses have been subject to ransomware attacks before, most notably global logistics company Maersk, which was crippled by an attack originating in Ukraine and believed to be the work of the Russian military. This attack cost Maersk almost $300 million.