Volvo says staff data was stolen following recent ransomware attack on IT supplier

News
By published

Names and SSNs grabbed in a third-party attack

2026 Volvo XC70
(Image credit: Volvo)
  • Volvo North Amerrica employee personal data stolen via breach of HR software supplier Miljödata
  • Attackers accessed names and SSNs; ransomware group DataCarry claimed responsibility
  • Miljödata’s Adato system widely used across Swedish public and private sectors

Volvo North America has told its employees that some of their sensitive information was stolen in a recent supply-chain ransomware attack.

In a data breach notification letter shared with the Massachusetts Attorney General’s Office, the carmaker explained what happened, when the data was stolen, and what victims can do to stay safe.

“We were recently informed that a supplier of human resources software to the Volvo Group, Miljödata, was a victim of a security incident in which certain of your personal information may have been accessed,” the company explained.

DataCarry strikes Adato

Miljödata is a Swedish company that provides IT systems/support for HR, work-environment, rehabilitation, absence/sickness, and related personnel workflows.

One of their more prominent products is Adato, a system for managing sick leave, rehabilitation, preventive measures, and similar.

The incident happened on August 20, 2025, and was first spotted three days later. Volvo was notified on September 2, when Miljödata discovered that its’ clients’ data was accessed, too.

The investigation also determined that the attackers managed to steal full names and Social Security numbers (SSN). While certainly not the most dangerous cyberattack to ever happen - there are still plenty of ways this information can be leveraged in secondary attacks.

Volvo did not say how many people were affected, or who the threat actors are, however some reports have said the attack was claimed by a ransomware group known as DataCarry, who breached Adato and compromised numerous other organizations.

The entire breach allegedly affected at least 1.5 million people, with others losing phone numbers, email addresses, birth dates, and more.

Miljödata’s Adato system is widely used across Sweden, and its client base spans a few key industries.

The main ones are municipalities and other local government bodies, universities and higher education institutions, regional public sector organizations (such as healthcare regions and joint service administrations), private sector companies (particularly in HR-heavy industries), and non-profit organizations with large staff bases.

Via The Register

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.