- Volvo North Amerrica employee personal data stolen via breach of HR software supplier Miljödata
- Attackers accessed names and SSNs; ransomware group DataCarry claimed responsibility
- Miljödata’s Adato system widely used across Swedish public and private sectors
Volvo North America has told its employees that some of their sensitive information was stolen in a recent supply-chain ransomware attack.
In a data breach notification letter shared with the Massachusetts Attorney General’s Office, the carmaker explained what happened, when the data was stolen, and what victims can do to stay safe.
“We were recently informed that a supplier of human resources software to the Volvo Group, Miljödata, was a victim of a security incident in which certain of your personal information may have been accessed,” the company explained.
DataCarry strikes Adato
Miljödata is a Swedish company that provides IT systems/support for HR, work-environment, rehabilitation, absence/sickness, and related personnel workflows.
One of their more prominent products is Adato, a system for managing sick leave, rehabilitation, preventive measures, and similar.
The incident happened on August 20, 2025, and was first spotted three days later. Volvo was notified on September 2, when Miljödata discovered that its’ clients’ data was accessed, too.
The investigation also determined that the attackers managed to steal full names and Social Security numbers (SSN). While certainly not the most dangerous cyberattack to ever happen – there are still plenty of ways this information can be leveraged in secondary attacks.
Volvo did not say how many people were affected, or who the threat actors are, however some reports have said the attack was claimed by a ransomware group known as DataCarry, who breached Adato and compromised numerous other organizations.
The entire breach allegedly affected at least 1.5 million people, with others losing phone numbers, email addresses, birth dates, and more.
Miljödata’s Adato system is widely used across Sweden, and its client base spans a few key industries.
The main ones are municipalities and other local government bodies, universities and higher education institutions, regional public sector organizations (such as healthcare regions and joint service administrations), private sector companies (particularly in HR-heavy industries), and non-profit organizations with large staff bases.
Via The Register
You might also like
https://cdn.mos.cms.futurecdn.net/6KeeowGknDHCVmURmq4Khn-1920-80.jpg
Source link
