- Volvo North America used personal data stolen by breach of the Miljödata Human Resources Software Provider
- The attackers agreed to names and SSNS; Ransomware Group Datacarry claimed responsibility
- The Miljödata Adato System widely used in Swedish public and private sectors
Volvo North America has told his employees that part of his confidential information was stolen in a recent supply chain ransomware attack.
In a letter of notification of data violation shared with the office of the Massachusetts attorney general, the car manufacturer explained what happened, when the data were stolen and what the victims can do to stay safe.
“They recently informed us that a human resources software provider to the Volvo Group, Miljödata, was the victim of a security incident in which certain personal information can be accessed,” the company explained.
Datacarry Strikes Adato
Miljödata is a Swedish company that provides IT systems/support for human resources, work environment, rehabilitation, absence/disease and related personnel workflows.
One of its most outstanding products is Adato, a system to manage disease license, rehabilitation, preventive and similar measures.
The incident occurred on August 20, 2025, and was first seen three days later. Volvo was notified on September 2, when Miljödata discovered that his ‘clients’ data was also accessed.
The investigation also determined that the attackers managed to steal full names and social security numbers (SSN). While it is certainly not the most dangerous cyber attack that has happened, there are still many ways in which this information can be used in secondary attacks.
Volvo did not say how many people were affected, or who are the threat actors, however, some reports have said that the attack was claimed by a group of ransomware known as Datacarry, who raped Adato and committed many other organizations.
All breach allegedly affected at least 1.5 million people, and others lost telephone numbers, email addresses, birth dates and more.
The Miljödata Adato System is widely used in Sweden, and its customer base covers some key industries.
The main ones are the municipalities and other organizations of the local government, universities and institutions of higher education, regional organizations of the public sector (such as health regions and joint service administrations), private sector companies (particularly in heavy industries of human resources) and non -profit organizations with large personnel bases.
Through The registration
