In its first update about the attack in eight days, Toll said the affected personnel were past and present employees from countries where it operates, including Australia and New Zealand.
Toll was hit by Windows ransomware known as Nefilim and the incident was made public on 5 May.
This is the second time Toll has been attacked this year, with the first being in February.
"There is no evidence at this stage that the information in question has been taken.
"As a precaution, we have written to impacted employees (past and current) to provide them with information on how they can protect themselves.
"As part of this, we have engaged the services of a leading provider of identity and cyber security solutions to ensure that impacted people are provided with the appropriate support and data protection measures.
"Toll condemns in the strongest possible terms the actions of the cyber criminals, and we apologise to our people for the concern and inconvenience this situation may be causing them."