Sweden is investigating one of the largest data breaches in its history: an attack on IT systems provider Miljödata compromised the data of around 1.5 million citizens. Cybercriminals stole the information and published it on the darknet, and the regulator IMY has already started a GDPR compliance check.

The Swedish Privacy Authority (IMY) announced the launch of an investigation after cybercriminals hacked the systems of Miljödata, a provider of IT solutions for 80% of the country’s municipalities.

The company reported the incident on August 25, 2025: the data was stolen, and the attackers demanded 1.5 BTC in exchange for not publishing the information.
The attack caused disruptions to government services in the regions of Halland, Gotland, Skellefteå, Kalmar, Karlstad and Mönsterås. Later, the hacker group Datacarry published the stolen 224 MB archive on its darknet portal. The service Have I Been Pwned confirmed the appearance of the data and added it to its database.

According to Have I Been Pwned’s estimate, the leak affected 870,000 people, which is lower than IMY’s initial estimate, but it contained sensitive information: names, email addresses, physical addresses, telephone numbers, national identification numbers and dates of birth.

IMY emphasizes that the leak “could have affected protected categories, including children and individuals with confidential status.”
Miljödata provides administrative systems for municipalities and government agencies.
Due to the scale of the incident, the state immediately involved CERT-SE, the police and the data regulator IMY.

The investigation focuses on Miljödata and several municipalities, including Gothenburg and the Västmanland region. The key goal is to determine whether the GDPR requirements for cyber security and data storage were met. The regulator specifically emphasizes that the event has become a lesson in transparency, access control and risk limitation for critical platforms.

The Miljödata incident is a warning to public and private organizations across Europe. Even large public contractors can become the weak link in the chain, and the leakage of such a large amount of personal data can lead to serious legal consequences and fines under the GDPR. At a time when cyber threats are only growing, a transparent security system, the protection of confidential information and a prompt response to incidents are becoming critical.