Over One Million Swedish Personal Data Records Published on Dark Web Following Cyberattack

Trending NewsSep. 14, 2025

Summarized by NextFin AI

On September 14, 2025, a hacker group named Datacarry leaked personal data of over one million Swedish individuals on the dark web. The data breach followed a cyberattack on Miljödata, a provider of HR systems for 80% of Sweden's municipalities.
The leaked information includes personal identity numbers, phone numbers, addresses, and employment IDs, affecting both public sector employees and private organizations. Cybersecurity experts warn that the leaked data poses a risk of fraud and phishing attempts.
Datacarry demanded a ransom of 1.5 bitcoins to prevent the data release, but experts doubt Miljödata would pay. The incident is regarded as one of the largest data breaches in Sweden in recent years, impacting around 200 organizations.
The Swedish Civil Defence Minister confirmed that the national cybersecurity center is coordinating the response to the incident. Affected individuals are advised to be cautious of unsolicited contacts and report suspicious communications.

NextFin news, On Sunday, September 14, 2025, a hacker group named Datacarry published personal data of more than one million Swedish individuals on the dark web. The data leak followed a cyberattack in late August against Miljödata, a system provider that supplies HR systems to approximately 80 percent of Sweden's municipalities.

The stolen information includes personal identity numbers, phone numbers, addresses, and employment IDs of current and former employees in various municipalities and regions, including Stockholm, Region Skåne, Linköping, and Gothenburg. The breach affects both public sector employees and some private organizations connected to Miljödata's systems.

Cybersecurity expert Karl Emil Nikka, from the Swedish Theft Protection Association, told SVT Nyheter that the main risk now is that attackers will use the leaked data to contact individuals and attempt to deceive them into revealing further information. He emphasized that once data is leaked, it must be considered compromised regardless of any ransom demands.

The hacker group Datacarry claimed responsibility for the attack on Saturday and threatened to release the data on Sunday, which they subsequently did. They had demanded a ransom of 1.5 bitcoins, valued at over 1.6 million Swedish kronor in mid-September, from Miljödata to prevent the publication of the data. However, experts consider it unlikely that the company would pay the ransom.

Miljödata, which provides digital HR solutions for managing sick leave and work-related injuries, reported the incident to authorities and is cooperating with cybersecurity firm Truesec and the police in the ongoing investigation. The breach has also prompted warnings for affected individuals to be vigilant against potential fraud and phishing attempts.

The cyberattack has been described as one of the larger data breaches in recent years in Sweden, affecting approximately 200 organizations nationwide. The Swedish Civil Defence Minister confirmed that the national cybersecurity center is coordinating the response to the incident.

Individuals who are or have been employed by the affected municipalities and regions are advised to be cautious of unsolicited contacts and to report suspicious communications. SVT Nyheter has verified the authenticity of the leaked data through screenshots and confirmed identities of several individuals.

Explore more exclusive insights at nextfin.ai.

Insights

What is the background of the hacker group Datacarry?

How did the cyberattack against Miljödata occur?

What types of personal data were leaked in the recent Swedish data breach?

What percentage of Sweden's municipalities use Miljödata's systems?

What measures are being taken by authorities in response to the data breach?

How has the Swedish public reacted to the data leak incident?

What are the potential risks for individuals whose data has been leaked?

What does cybersecurity expert Karl Emil Nikka say about the implications of data leaks?

What trends in cyberattacks are being observed in Sweden and globally?

What are the challenges in preventing such large-scale data breaches?

What impact could this data breach have on the future of cybersecurity regulations in Sweden?

What steps can individuals take to protect themselves from phishing attempts following the data leak?

How does this cyberattack compare to other notable data breaches in recent years?

What role does Miljödata play in the context of Swedish data security?

Has there been any previous instance of a similar ransom demand in Sweden?

What is the significance of the ransom amount demanded by Datacarry?

How are cybersecurity firms like Truesec involved in the investigation of this breach?

What lessons can be learned from this incident for future data protection efforts?

What actions can organizations take to enhance their cybersecurity measures?

How do government responses to cyberattacks influence public trust in digital systems?

NextFin.Al

No Noise, only Signal.

Open App