The security incident did not originate within Volvo’s own networks but was the result of a ransomware attack on one of its third-party human resources software suppliers, a company named Miljdata. The breach highlights the persistent and growing risks associated with supply chain vulnerabilities.
According to the data breach notification letter, the initial security incident targeting Miljdata occurred on August 20, 2025. The HR software provider first became aware of the ransomware attack three days later, on August 23.
It wasn’t until September 2, 2025, that Miljdata determined that data belonging to Volvo Group personnel had been compromised in the attack. Miljdata informed Volvo Group of the exposure on the same day.
Volvo has emphasized that its own internal systems were not compromised as part of this event and that the breach was contained within the environment of its supplier.
The investigation has revealed that the exposed data may have included a combination of individuals’ first and last names along with their Social Security numbers.
In response to the breach, Volvo Group North America has taken steps to mitigate the potential harm to those affected. The company is offering a complimentary 18-month subscription to Allstate’s Identity Protection Pro service.
This service provides a suite of protective tools, including tri-bureau credit monitoring, dark web monitoring, financial transaction monitoring, and full-service identity restoration support. An email and a welcome letter are being sent to impacted individuals with instructions on how to enroll in the service.
Volvo Group is urging all potentially affected individuals to remain vigilant against incidents of identity theft and fraud. The company apologizes for the inconvenience and is working closely with Miljdata to ensure appropriate actions are taken.
Follow us on Google News, LinkedIn, and X for daily cybersecurity updates. Contact us to feature your stories.
The post Volvo Group Discloses Data Breach After Ransomware Attack on HR Supplier appeared first on Cyber Security News.
A large-scale reconnaissance campaign is actively targeting SonicWall firewalls across the internet, with attackers using…
A newly identified botnet trojan campaign, dubbed OCRFix, has been discovered combining social engineering tricks…
This article originally appeared on Inside Climate News, a nonprofit, non-partisan news organization that covers…
Nintendo has announced a new Indie World Showcase, set to take place tomorrow, March 3.…
Reliable video game leaker billbil-kun has revealed the release date and price for Starfield on…
On Friday evening, amidst fallout from a standoff between the Department of Defense and Anthropic,…
This website uses cookies.