In 2020 Toll Group went twice through a ransomware attack, now Sophos which acted as a response and investigation team for the events, announces that the entry point was an account of an employee who died but remained active in the system.
Nefilim Ransomware Attack Used “Ghost” Credentials.
According to the report by Sophos, the Nefilim group responsible for the infidelity attack that was on the company’s network for about a month without the defense systems identifying suspicious activity, the user used by the attack group belonged to a deceased employee but his account was locked/deleted due to being integrated into various services.
Read more about Examples and Numbers of Social Engineering attacks ›
Save Your Company from Social Engineering Attacks Like that
Register and Get your Personalized Free Exposure Report NOW
and See your where your Company is Exposed to Hackers
Recently Published on our Blog
SnoopLens Flaw: Your WhatsApp and Signal Chats May Not Be as Private as You Think
A Note on Our Content: We believe in the value of human expertise. All insights and research presented here are originally crafted by our team, though we utilize Artificial Intelligence to refine our phrasing and ensure the highest standard of English clarity. If you...
Weekly Tech corner: AI Trust Exploited, WordPress Backdoors, and Android Ransomware Threats
A Note on Our Content: We believe in the value of human expertise. All insights and research presented here are originally crafted by our team, though we utilize Artificial Intelligence to refine our phrasing and ensure the highest standard of English clarity. If you...
OSINT Insights: New Tools and Research Shaping Open Source Investigations
The Open Source Intelligence (OSINT) landscape is evolving rapidly, and keeping up with the latest tools is half the battle. The latest edition of The Weekly OSINT Newsletter (published December 14, 2025) has dropped, and it brings a wealth of new resources for...