Volvo North America Reports Major Ransomware Attack on IT Provider, Employee Data Compromised

Volvo North America has confirmed that a major ransomware attack on its IT service provider, Miljödata, led to the compromise of sensitive personal data of its employees.

 

The Volvo Group is a global leader in providing sustainable transportation, infrastructure, and industrial solutions, manufacturing trucks, buses, construction equipment, and marine/industrial engines.

 

In a data security incident notice filed with the Office of Massachusetts Attorney General, Volvo Group said that on August 23, its IT provider, Miljödata identified a network intrusion affecting its critical systems. The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

“The incident occurred on August 20, 2025. Miljödata first learned about the ransomware attack on August 23, 2025, and that your data may have been impacted on September 2, 2025; Miljödata notified Volvo Group thereafter on September 2, 2025,” Volvo Group said.

 

Preliminary investigation revealed that the compromised data included names and Social Security numbers. Volvo Group added that its own systems were not compromised.

 

“Miljödata immediately commenced an investigation to confirm the nature and scope of the incident and will continue to review their security policies, procedures, and tools as part of their ongoing commitment to information security. 

 

“Miljödata has taken actions to implement enhanced security of the Miljödata hosted environment and, together with cybersecurity experts, has promptly launched an investigation into the attack. Miljödata is taking steps to prevent this type of incident from happening again, and Volvo Group is continuing to monitor and investigate the situation carefully,” Volvo Group added.

 

The company has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. 

 

It has also offered 18 months of complimentary identity protection and credit monitoring services through Allstate’s Identity Protection Pro+ to all affected individuals.