- Volvo North Amerrica Employee Data Personal Stolen by violation of the Miljödata HR software provider
- The attackers accessed the names and SSN; Ransomware Group Datacarry claimed responsibility
- The Adato system of Miljödata widely used in the Swedish public and private sectors
Volvo North America told its employees that some of their sensitive information had been stolen during a recent attack on supply chain ransomware.
In a letter of notification of data violation shared with the Office of the Attorney General of Massachusetts, the automaker explained what happened, when the data was stolen and what the victims can do to stay safe.
“We have recently been informed that a provider of human resources software at the Volvo group, Miljödata, has been the victim of a security incident in which some of your personal information may have been accessible,” said the company.
Datacarry hits Adato
Miljödata is a Swedish company that provides computer systems / support for HR, the work environment, rehabilitation, absence / disease and related staff workflows.
One of their most important products is Adato, a system for managing sick leave, rehabilitation, preventive and similar measures.
The incident occurred on August 20, 2025 and was spotted for the first time three days later. Volvo was informed on September 2, when Miljödata discovered that its “customers” data was also accessible.
The investigation also determined that the attackers had managed to steal complete names and social security numbers (SSN). Although this is certainly not the most dangerous cyber attacks to occur – there are still many ways that this information can be used in secondary attacks.
Volvo has not said how many people have been affected, nor who are the threat actors, but some reports said that the attack had been claimed by a group of ransomware known as Datacarry, which violated Adato and compromised many other organizations.
The entire violation would have affected at least 1.5 million people, other people losing telephone numbers, email addresses, birth dates, etc.
The Adato de Miljödata system is widely used through Sweden, and its customers extends over a few key industries.
The main ones are municipalities and other local government organizations, universities and higher education establishments, regional public sector organizations (such as health care regions and joint service administrations), private sector companies (in particular in HR-Have industries) and non-profit organizations with large staff.
Via The register
