According to security sources, these documents relate to Toll's dealings with Samsung, the South Korean conglomerate, and were posted on 5 June.
There are two links, one being a text file that lists the names of the documents. The second, coming in at 4.6 gigabytes, includes the documents themselves.
Toll announced on 5 May that it had been compromised by ransomware known as Nefilim which attacks Windows systems. This was the second attack on Toll this year, with the first in February being through use of the Mailto ransomware.
"MyToll customers can now access most features. Track and Trace is now available for a number of services including for our Priority customers, with historical data being progressively uploaded. For future information on the status of MyToll services, please visit www.mytoll.com.
"In our Global Forwarding business, systems tests have been completed and we have restored CargoWise One access across Toll’s global network. We have started the process of re-establishing electronic data interchange connections with customers, on a phased basis.
"Most customer-facing applications for our contract logistics customers are up and running, as we finalise testing with our customers. We thank everyone for their support and patience during this period as we finalise the full resumption of services across Toll’s global network."
iTWire has contacted Toll for comment on the latest development.