In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.

Nefilim Ransomware Attack Used “Ghost” Credentials.

According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services. 

Read more about Examples and Numbers of Social Engineering attacks  ›

Save Your Company from Social Engineering Attacks Like that


Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers

Recently Published on our Blog

Mitigating the impact of fake social media accounts

Whilst social media is a vital tool for brands to communicate with customers, companies need to consider the impact these platforms can have on their business. They hold the power to change the rules of engagement without warning, which can lead to unintended...

read more

Could cybersecurity complacency be costing you?

Everyone knows that cybersecurity is important, particularly as cyber criminals are using increasingly sophisticated methods to hack into large company networks. But it can be frustrating when you can’t use a certain app that would make team communication easier, and...

read more

5 ransomware groups to be aware of

Ransomware attacks are increasingly focusing on bigger targets, with several major international companies falling victim in recent years. As a result, it’s crucial for all companies to take these sorts of threats seriously. Knowing who you’re dealing with is the...

read more