The North American branch of Swedish auto manufacturing giant Volvo has confirmed that its employee data was exposed following a ransomware attack that targeted its human resources (HR) software provider, Miljödata.
Volvo has become the latest in dozens of companies affected by the attack on the Swedish IT services supplier. The automaker issued a breach notice to its North American colleagues, informing them that their personal details were compromised.
Compromised Data and Fallout
Volvo's breach notice, submitted to the Massachusetts Attorney General’s Office, indicates that the attackers accessed sensitive Volvo North America (Volvo NA) employee information, including:
- First and last names
- Social Security Numbers
Because this stolen data could potentially be used for identity theft, Volvo is offering complimentary identity theft and credit monitoring services to help individuals mitigate privacy risks. Volvo also encouraged affected individuals to "remain vigilant for incidents of fraud or misuse of your information" by regularly reviewing account statements and credit reports.
The ransomware attack on Miljödata, carried out by the DataCarry gang in late summer, impacted a massive number of clients. The cybercriminals subsequently published the stolen data on their dark web blog, often a sign that the victims refused to pay the ransom (which local media reports suggest was over $165,000).
The DataCarry Attack
The fallout from the Miljödata breach is widespread, reportedly impacting over 870,000 accounts across numerous organizations. Other victims include Scandinavian airline SAS, Lund University, and several Swedish municipalities, including the capital city Stockholm. The data allegedly exposed across all victims includes names, dates of birth, physical addresses, emails, and IDs.
DataCarry is a relatively new ransomware gang, first observed in May 2025. It employs a classical data-extortion model: stealing data and demanding a ransom. Despite its recent appearance, the gang has already claimed dozens of victims. Security experts continue to advise companies against paying ransoms, as it encourages further cybercrime and offers no guarantee the stolen data will be destroyed.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
