Toll Group has revealed that some of the data accessed in a recent cyber attack has been published on the dark web.
Announcing the attack on 12 May, the business is undertaking an assessment to determine the nature of the stolen data and will notify and offer support to those impacted.
"Following our announcement last week that a ransomware attacker had stolen data contained on at least one Toll corporate server, our ongoing investigation has established that the attacker has now published to the dark web some of the information that was stolen from that server," Toll said in a statement.
"As a result, we are now focused on assessing and verifying the specific nature of the stolen data that has been published.
"As this assessment progresses, we will notify any impacted parties as a matter of priority and offer appropriate support," the business said.
The Office of the Australian Information Commissioner said the best practice for those affected by the breach is to take quick action to reduce harm.
"You may be told about a notifiable data breach directly, such as by an email, or indirectly, by the organisation or agency promoting a data breach notification on their website.
"By acting quickly, you can reduce your chance of experiencing harm.
"You should also keep a record of any action you take or help you get. This may be useful if you experience harm as a result of the data breach."
Actions to take in response to a breach include:
- Change passwords
- Take care with emails and phone calls
- Check account statements
- Check credit reports
- Seek expert advice