Miljödata

Swedish IT company **Miljödata** suffered a severe data breach in August, exposing the personal information of over **1.5 million individuals**—one of Sweden’s largest data leaks in recent years. The attack resulted in sensitive data, including protected identity details, employee records of former staff, and children’s personal information, being **extracted and published on the Darknet**. The breach impacted multiple **Swedish municipalities and regional entities** relying on Miljödata’s services, prompting formal investigations by the **Swedish Data Protection Authority (IMY)** into **GDPR violations**. The incident highlighted critical **technical security deficiencies** in Miljödata’s infrastructure, including inadequate protective measures against unauthorized access. Regulators are scrutinizing the company’s **response protocols, data handling practices, and compliance failures**, particularly for high-risk categories like terminated employees' records and children’s data. The breach underscores systemic vulnerabilities in Sweden’s digital infrastructure, with authorities emphasizing the need for **strengthened security frameworks, regular vulnerability assessments, and robust incident response mechanisms** to prevent future incidents. The fallout includes **regulatory audits, potential legal penalties, and reputational damage**, reinforcing the urgency for stricter data protection enforcement.

Source: https://gbhackers.com/swedish-it-company-data-breach/

TPRM report: https://www.rankiteo.com/company/miljodata-ab

"id": "mil3432434110525",
"linkid": "miljodata-ab",
"type": "Breach",
"date": "8/2025",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'customers_affected': '1,500,000+ individuals',
                        'industry': 'Information Technology / Environmental '
                                    'Data Services',
                        'location': 'Sweden',
                        'name': 'Miljödata',
                        'type': 'IT Company'},
                       {'industry': 'Government / Public Administration',
                        'location': 'Gothenburg, Sweden',
                        'name': 'City of Gothenburg',
                        'type': 'Municipality'},
                       {'industry': 'Government / Public Administration',
                        'location': 'Älmhult, Sweden',
                        'name': 'Älmhult Municipality',
                        'type': 'Municipality'},
                       {'industry': 'Government / Public Administration',
                        'location': 'Västmanland, Sweden',
                        'name': 'Region Västmanland',
                        'type': 'Regional Government'}],
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': '1,500,000+',
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal information',
                                              'Sensitive data',
                                              'Protected identity information',
                                              'Employee records (including '
                                              'terminated staff)',
                                              'Children’s personal data']},
 'date_publicly_disclosed': '2023-08',
 'description': 'Swedish authorities have launched formal investigations into '
                'a significant data breach affecting Miljödata, a prominent IT '
                'company whose security lapse exposed the personal information '
                'of over 1.5 million individuals. The breach resulted in '
                'sensitive data being published on the Darknet, impacting '
                'multiple Swedish municipalities and regional entities relying '
                'on Miljödata’s services. The incident is one of Sweden’s most '
                'substantial data exposures in recent years, compromising '
                'personal details across a large portion of the country’s '
                'population. The Swedish Prosecution Authority confirmed that '
                'attackers successfully extracted and published data belonging '
                'to over 1.5 million private citizens.',
 'impact': {'brand_reputation_impact': 'Significant (data of 1.5M individuals '
                                       'exposed on Darknet)',
            'data_compromised': True,
            'identity_theft_risk': 'High (sensitive personal data exposed)',
            'legal_liabilities': 'Potential (GDPR violations under '
                                 'investigation)'},
 'initial_access_broker': {'data_sold_on_dark_web': True},
 'investigation_status': 'Ongoing (formal investigations by IMY; audits of '
                         'Miljödata, City of Gothenburg, Älmhult Municipality, '
                         'and Region Västmanland)',
 'lessons_learned': 'The incident highlights the need for organizations '
                    'handling sensitive personal information to strengthen '
                    'security frameworks, conduct regular vulnerability '
                    'assessments, and implement comprehensive incident '
                    'response protocols. It also underscores the importance of '
                    'protecting high-risk data categories, such as children’s '
                    'personal data and terminated employee records, which '
                    'require heightened protection under GDPR.',
 'post_incident_analysis': {'root_causes': 'Technical security deficiencies in '
                                           'Miljödata’s infrastructure (under '
                                           'investigation)'},
 'ransomware': {'data_exfiltration': True},
 'recommendations': ['Strengthen technical security infrastructure to prevent '
                     'unauthorized access.',
                     'Improve data protection measures for high-risk '
                     'categories (e.g., children’s data, terminated employee '
                     'records).',
                     'Enhance incident response protocols and communication '
                     'strategies with regulatory bodies.',
                     'Conduct regular vulnerability assessments and audits.',
                     'Implement stricter access controls and monitoring for '
                     'third-party service providers.'],
 'references': [{'source': 'GBHackers (GBH)'}],
 'regulatory_compliance': {'legal_actions': 'Formal investigations by Swedish '
                                            'Data Protection Authority (IMY)',
                           'regulations_violated': ['General Data Protection '
                                                    'Regulation (GDPR)'],
                           'regulatory_notifications': 'Ongoing (IMY, Swedish '
                                                       'Prosecution '
                                                       'Authority)'},
 'response': {'communication_strategy': 'Ongoing communication with IMY and '
                                        'affected organizations',
              'law_enforcement_notified': True},
 'title': 'Data Breach at Miljödata Affecting 1.5 Million Individuals in '
          'Sweden',
 'type': 'Data Breach'}