Norwegian sorting and RVM technology company Tomra has been the subject of an "extensive cyberattack" affecting some of its data systems. The company said that it had discovered the attack on 16 July and responded by immediately disconnecting some systems to contain it.
According to an update issued on Tuesday, Tomra's internal IT services and some back office applications remain offline, affecting the company's supply chain management. Major office locations were also offline, and employees were being asked to work remotely.
The attack had only a limited impact on Tomra's customer operations, the company explained. The greatest disruption was being experienced by a limited number of older generation reverse vending machines (RVMs) for drinks bottles and cans in Europe and Asia, which are no longer operating. The majority of newer equipment in those regions is continuing to function in offline mode. RVMs for beverage packaging in Australia and North America remained online and fully connected, said Tomra.
Tomra's sorting technology for the recycling industry is "currently operating as usual, but some functionality is limited due to digital services being offline", said the company on Tuesday. Most of the company's digital services were designed to operate offline for a certain amount of time, but they may have reduced functionality in the interim, according to Tomra.
"A team of internal and external resources is working around the clock to resolve the situation, and affected systems will remain offline until it is safe to open them," said Tomra. The company noted that relevant authorities had been informed and that no new hostile activities had been detected since the initial attack. Tomra said it had not received any contact from those behind the attack.
