At least one of the company's own publications, the Australian Financial Review, has reported that staff were told to look on their PCs for a file named Recovery_ Instructions.html which is the ransom note issued by the ransomware in question, MedusaLocker.
An article published in some Nine newspapers on Saturday pushes the "no ransom note" notion by quoting a claimed expert as saying that a ransomware attack with no ransom demand is highly unusual.
Brett Callow, a ransomware researcher with the New Zealand-headquarter Emsisoft, said, in the case of MedusaLocker the note left behind made no mention of a ransom.
The note left behind by the Windows ransomware MedusaLocker on infected systems.
"In other words, a company that had yet to contact the threat actors could honestly say that it had not received a demand.
"Ditto if it had reached out but the threat actor had yet to reply. At least one [ransomware] group is known to have failed to reply to victims, so this wouldn’t be without precedent."
Nine has made no public comment about the attack apart from a statement which it has made available since at least 31 March and which was quoted in this update about the incident.