A cyberattack on Miljödata, the IT systems supplier behind roughly 80% of Sweden’s municipal operations, has caused widespread accessibility problems across more than 200 regions and municipalities, authorities said Tuesday.
Local media reported that the threat actor demanded a ransom of 1.5 Bitcoins in exchange for not leaking stolen information, according to Aftonbladet.
Miljödata is a Swedish software company that develops and provides work environment and HR management systems for municipalities, regions, and related organizations. Its tools are used to manage medical certificates, rehabilitation cases, occupational injuries, incident and work environment reporting, and systematic work-environment management (SAM) for many Swedish authorities.
The attack occurred over the weekend, with Miljödata CEO Erik Hallén confirming on SVT on August 25 that more than 200 municipalities had been affected. He said the company is working with external experts to determine what happened, who was affected, and to restore systems.
Regional authorities warned residents as the incident unfolded. The Halland Region posted about the incident in its communications, noting the supplier was vulnerable to cyberattack, while Gotland Region issued warnings that sensitive personal data may have been leaked.
Other municipalities reported as impacted by Swedish media include Skellefteå, Kalmar, Karlstad, and Mönsterås, according to Norran.
Swedish minister for civil defence, Carl-Oskar Bohlin, said the incident was being evaluated to estimate its impact with assistance from CERT-SE, and that police had opened an investigation. He posted his comments on X.
As of the latest updates, no ransomware group has publicly claimed responsibility for the Miljödata attack, and the company’s website remained offline with reported email outages.