CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Volvo NA Employee Data Stolen in Miljödata Ransomware Attack

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Volvo Group North America (Volvo NA) has suffered a data breach through a third-party HR software provider, Miljödata. The breach occurred in August 2025 when the DataCarry ransomware group compromised Miljödata's cloud infrastructure, affecting hundreds of customers and millions of individuals. Volvo NA's employee names and Social Security numbers (SSNs) were stolen and potentially published on the Dark Web. The incident highlights the broader impact of supply chain attacks on large organizations and their employees. The attack on Miljödata, which provides HR software to numerous Swedish municipalities and companies, resulted in the exposure of sensitive data for over 1.5 million individuals. The breach underscores the vulnerabilities in centralized, multi-tenant cloud infrastructure and the potential for significant reputational and operational damage.

Timeline

  1. 26.09.2025 22:59 1 articles · 3d ago

    DataCarry Ransomware Group Breaches Miljödata Cloud Infrastructure

    On August 20, 2025, the DataCarry ransomware group breached Miljödata's cloud infrastructure, affecting hundreds of customers and millions of individuals. The attack compromised sensitive data, including employee names and SSNs, which were potentially published on the Dark Web. The breach highlights the vulnerabilities in centralized, multi-tenant cloud services and the potential for significant reputational and operational damage. The incident also affected several universities, at least 25 companies, and 164 municipalities in Sweden, exposing additional PII for other affected organizations.

    Show sources
    Open in new tab

Information Snippets

  • Miljödata, a Swedish HR software provider, was breached by the DataCarry ransomware group on August 20, 2025.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • The attack compromised Miljödata's cloud infrastructure, affecting hundreds of customers and millions of individuals.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • Volvo NA's employee names and SSNs were stolen and potentially published on the Dark Web.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • The ransomware group demanded 1.5 Bitcoins, approximately $165,000, and followed through on their threat to publish stolen data.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • The breach affected several universities, at least 25 companies, and 164 municipalities in Sweden.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • Other affected organizations lost additional PII, including gender, dates of birth, employment details, and contact information.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • Stellantis and Jaguar Land Rover also suffered similar supply chain attacks within weeks of the Miljödata incident.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • The ShinyHunters group breached Stellantis on September 21, 2025, stealing customer names and contact details.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources

  • Jaguar Land Rover was attacked by Scattered Lapsus$ Hunters on August 31, 2025, leading to a halt in production and government intervention.

    First reported: 26.09.2025 22:59
    1 source, 1 article
    Show sources