Volvo Group North America reports data breach after third-party ransomware attack

Volvo Group North America is reporting a data breach that exposed sensitive employee information after a ransomware attack targeted one of its third-party human resources software suppliers. 

The breach occurred as a result of a ransomware attack by the DataCarry group against Miljödata, a Swedish IT company that provides HR management services to Volvo Group. The attack took place on August 20, 2025, and Miljödata became aware of the compromise three days later on August 23, 2025. On September 2, 2025, that Miljödata determined that data belonging to Volvo Group personnel had been compromised in the attack and notified Volvo Group.

This incident was part of a broader campaign that impacted approximately 25 private companies, including major corporations such as Scandinavian airline SAS and metals company Boliden, along with roughly 200 Swedish municipalities, including Stockholm. Exposed data includes:

• Names (first and last)
• Social Security numbers
• Email addresses
• Physical addresses
• Phone numbers
• Government-issued identification numbers
• Dates of birth
• Gender information

The number of Volvo employees affected has not been disclosed.

Volvo Group emphasized that its own internal systems were not compromised as part of this incident and that the breach was contained within the environment of its third-party supplier.

Volvo Group North America is offering a complimentary 18-month subscription to \tri-bureau credit monitoring, dark web monitoring, financial transaction monitoring, annual credit reports, monthly credit score tracking, and full-service identity restoration support.