Volvo says staff data was stolen following recent ransomware attack on IT supplier

• Volvo North Amerrica employee personal data stolen via breach of HR software supplier Miljödata
• Attackers accessed names and SSNs; ransomware group DataCarry claimed responsibility
• Miljödata’s Adato system widely used across Swedish public and private sectors

Volvo North America has told its employees that some of their sensitive information was stolen in a recent supply-chain ransomware attack.

In a data breach notification letter shared with the Massachusetts Attorney General’s Office, the carmaker explained what happened, when the data was stolen, and what victims can do to stay safe.

“We were recently informed that a supplier of human resources software to the Volvo Group, Miljödata, was a victim of a security incident in which certain of your personal information may have been accessed,” the company explained.