Volvo Group North America confirmed a significant data breach after its third-party human resources software provider, Miljodata, was struck by ransomware. The incident began on August 20, 2025, when attackers later identified as the Data Carry ransomware group gained access to Miljodata\u2019s cloud-based HR management platform, which services numerous organizations across Sweden and North America. Miljodata discovered suspicious activity three days after the initial compromise, and by September 2, forensic analysis verified that sensitive files, including employee data from Volvo North America, had been exfiltrated.\u200b
The breach specifically impacted current and former Volvo employees, exposing personal identifiers such as first and last names and Social Security numbers, although no payroll, bank account, or insurance data appears to have been accessed for Volvo staff. For other affected companies, leaked information included phone numbers, home addresses, dates of birth, government IDs, and more, amounting to roughly 870,000 accounts published on dark web leak sites.\u200b
Volvo\u2019s internal systems were not breached directly instead, the attack on the supply chain vendor created a cascading effect, highlighting the risk of outsourcing sensitive functions. After notification from Milj\u00f6data, Volvo informed affected employees and began offering free credit and identity protection services. Experts underline that this case exemplifies how third-party service providers can be an unforeseen weak link, causing not just business disruption but also long-term reputational and privacy damage, making robust vendor risk management essential for any organization’s cybersecurity strategy.<\/p>\n\n\n\n
<\/p>\n","protected":false},"excerpt":{"rendered":"
Volvo Group North America confirmed a significant data breach after its third-party human resources software provider, Miljodata, was struck by ransomware. The incident began on August 20, 2025, when attackers later identified as the Data Carry ransomware group gained access to Miljodata\u2019s cloud-based HR management platform, which services numerous organizations across Sweden and North America. Miljodata discovered suspicious activity three [\u2026]<\/span><\/p>\n","protected":false},"author":1,"featured_media":8892,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6,10,12,9,2],"tags":[],"class_list":["post-9022","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-latest_news","category-latest_vulnerabilities","category-read_article","category-ransomware_criminals","category-ce_news"],"acf":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/cyberenso.jp\/wp-content\/uploads\/2025\/09\/cybersecurity-concept-collage-design-1-scaled.jpg?fit=2560%2C1752&ssl=1","_links":{"self":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9022"}],"collection":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/comments?post=9022"}],"version-history":[{"count":1,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9022\/revisions"}],"predecessor-version":[{"id":9023,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/posts\/9022\/revisions\/9023"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media\/8892"}],"wp:attachment":[{"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/media?parent=9022"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/categories?post=9022"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cyberenso.jp\/en\/wp-json\/wp\/v2\/tags?post=9022"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}