Volvo North America data breach due to ransomware attack

According to Security Affairs, Volvo North America revealed a data breach stemming from a ransomware attack on a third-party supplier, Miljödata, which exposed personal data of employees.

The ransomware attack affected at least 25 companies, including Volvo North America, Scandinavian airline SAS, and 200 Swedish municipalities. The attack targeted systems handling medical certificates, rehabilitation matters, and work-related injury management. The breach exposed employee names, Social Security numbers, email addresses, physical addresses, phone numbers, government IDs, dates of birth, and gender. The ransomware group DataCarry claimed responsibility and leaked data on the dark web, impacting 870,000 accounts.

Following the breach, Miljödata implemented security enhancements and collaborated with cybersecurity experts to prevent future breaches. Volvo Group offered affected individuals identity protection and credit monitoring services. This incident highlights the critical need for robust cybersecurity measures in supply chain management and emphasizes the importance of proactive security measures to mitigate ransomware threats in the industry.

Source: Security Affairs