¸£Àû¼§

Home

Cyberattack against LiU's system supplier Miljödata

05 September 2025

Elin Olingdal

On 25 August, it became known that Miljödata, the provider of the Adato system used by LiU in the employee rehabilitation process, had been subjected to a cybersecurity attack. A number of measures have been taken, and a investigation is ongoing to determine what happened and what the consequences may be.

Updated September 15
Yesterday, on September 14, LiU received information from Miljödata that the stolen data from the Adato system breach has now been published. The rehabilitation service Adato is used across large parts of Sweden, and this incident has affected several municipalities and regions.

The breach impacts all current and former employees at LiU. Miljödata emphasizes that no data containing details from medical certificates, union affiliation, manager notes, or reasons for rehabilitation plans has been leaked.

However, given what has happened, it is important to remain vigilant.

------------------------------------------------------------------------------------

Published September 5
It has now been confirmed that certain personal data belonging to current and former LiU employees has been leaked from Adato to the attacker.

The leaked data includes:

  • Name
  • Personal identity number
  • Gender
  • Contact details - Email addresses (@liu.se) and phone numbers
  • Address
  • Number of sick days*

* For individuals who were on sick leave at the time the data was stolen, the number of sick days in the ongoing sick leave period has also been published, presented as a numerical value.

Questions and answers

What are the risks associated with a cybersecurity attack?

What are the risks associated with a cybersecurity attack?

There may be a risk of identity theft. You can read more about the risks and what to do if you are affected on the following authority websites:





What is LiU doing to handle the situation?

LiU has formed a task force with expertise in cybersecurity, data protection, system management, communication, and HR to manage the incident. In accordance with procedures, LiU has reported the incident to IMY and MSB. We are in ongoing contact with Miljödata AB and are following their investigation closely to provide information to all potentially affected employees.

What happens next?

We encourage everyone to stay updated via ³¢¾±±«â€™s communication and the listed authority websites. Be alert for any signs that your personal data may have been misused. As soon as LiU receives further information from Miljödata, updates will be provided.

How many people are affected by the cybersecurity attack on Miljödata?

As of the end of last week, IMY had received around 450 reports related to the incident. According to media reports, approximately 80 percent of the country’s municipalities use systems that may have been affected by the attack. Miljödata also has private companies and government agencies as clients.

Contact

Photo of Pia Rundgren

Pia Rundgren

Director of Human Resources, Head of Division

Tags