Volvo confirms personal data exposed via HR supplier breach

Published: 26 September 2025
Last updated: 29 September 2025
Volvo data breach
Image by Cybernews.

The North American branch of Volvo, the Swedish auto manufacturing giant, has confirmed that its data was exposed after a ransomware attack hit the company’s human resources (HR) software provider, Miljödata.

Volvo confirmed that it’s the latest victim of a ransomware attack that has impacted dozens of companies. The Swedish automaker sent out a breach notice informing colleagues that an attack on Miljödata exposed their personal details.

Volvo’s breach notice, submitted to the Massachusetts Attorney General’s Office, indicates that attackers accessed personal Volvo North America (Volvo NA) related information, which includes:

ADVERTISEMENT
  • First and last names
  • Social Security Numbers
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Follow us

At least in theory, attackers could use the stolen personal information to attempt identity theft. Volvo said it will offer access to complimentary identity theft and credit monitoring services to help individuals mitigate potential privacy risks.

“We encourage you to remain vigilant for incidents of fraud or misuse of your information, from any source, by reviewing your account statements and credit reports,” Volvo advised.

Miljödata data breach fallout

The Swedish IT services supplier Miljödata fell victim to the DataCarry ransomware gang in late summer. Attackers penetrated the company and exfiltrated the data of dozens of companies that used Miljödata’s services.

Scandinavian airline SAS, Lund University, numerous Swedish municipalities, including the capital city Stockholm, and many other companies were impacted by the attack after the gang opted to publish the stolen data on its dark web blog.

ADVERTISEMENT

Cybercrooks publishing details stolen during a ransomware attack is often a sign that the victim refused to pay the criminals’ demands for ransom. Local media reports show that DataCarry demanded over $165K for the data.

Hacker stealing data from a computer
Image by Cybernews.

Regardless of the amount, companies are not recommended to succumb to attackers’ demands, as paying one gang often invites others. Furthermore, there are no guarantees that the thieves will keep their word and not post the data somewhere else.

Miljödata data breach reportedly impacted over 870K accounts across numerous different companies. Names, dates of birth, physical addresses, emails, IDs, and other data points were allegedly impacted by the attack.

Meanwhile, DataCarry is a new name in the ransomware underworld. First observed in May 2025, the gang operates a classical data-extortion operation: stealing data and demanding payment for it afterwards. Even though the gang is relatively new, it already has dozens of victims under its name.

Unlock more exclusive Cybernews content on YouTube.

Share
Post
Share
Share
Share
More from Cybernews
Nadella scoffs at AI giants as Microsoft may host China’s DeepSeek
Cruel cyber training in Canada: testing if exhausted employees would fall for a 'day off' scam
Cloudflare gives AI agents temporary accounts to deploy websites without human logins
Developers giving attackers a free ride after hundreds of iPhone AI apps found exposing credentials
This tiny European country is pioneering digital ID for AI agents
Canadian lender TD tells some employees it will use software to monitor their work
ADVERTISEMENT