Update: Cyber Incident at Miljödata Leads to Personal Data Leak
Two weeks ago, it became known that Miljödata, the provider of Adato, had been subjected to a cyber incident.
Adato is used by SLU to monitor sick leave and to document rehabilitation and other preventive measures. The system contains personal data about current and former SLU employees.
It has now come to light that certain information about current and former SLU employees has leaked from Adato to the attacker. Your personal data may be in the system if you have had sick leave, rehabilitation cases or submitted receipts for healthcare/medication.
The leaked data includes:
- name
- personal identity number
- employment start date
- contact details, including home address
- gender
- estimated retirement date
- number of sick leave days
Miljödata emphasises that, at this point, no information has been leaked that includes details from medical certificates, union affiliation, notes made by managers, or information about the reasons for rehabilitation plans.
What happens now?
The investigation into the cyberattack is still ongoing, and Miljödata continues to provide regular updates to its customers.
The university takes the situation very seriously, and as we receive further information, additional measures will be taken and further updates will be provided.
SLU has reported the incident to the Swedish Authority for Privacy Protection (IMY) and the Swedish Civil Contingencies Agency (MSB). Miljödata has reported the cyberattack to the police.
Be vigilant
Given the current situation, employees are urged to remain especially vigilant if contacted by individuals or companies you have not previously been in touch with, or if the contact occurs in an unusual way. This applies regardless of whether communication is made by phone call, SMS, letter, or email – and applies both to your work-related and private contact details.
There is a risk of identity theft. These pages provide information on preventive measures and the steps you can take should it occur (information in Swedish):
Identity theft – how to protect yourself against identity takeover and fraud | Swedish Tax Agency
Actions if you are affected by a personal data incident | IMY
Identity theft, ID takeover | Swedish Police
Background – what has happened so far
SLU’s system provider Miljödata AB was subjected to a cyberattack on Saturday, August 23. Miljödata provides the Adato system to SLU. Adato is mainly used to document and manage rehabilitation cases. Miljödata has reported the incident to the police and continues its work to investigate what has happened.
To contain the cyberattack, Miljödata initially isolated its systems, which meant that their customers could not use Adato. Initially, Miljödata could not see any signs that data had been taken. It has now become clear that certain information has leaked from Adato to the attacker.
Based on information from Miljödata, SLU carried out a controlled restart of Adato on September 1, 2025.
Contact
If you have questions, please contact HR at HR-specialisterna@slu.se
SLU’s Data Protection Officer can be contacted at dataskydd@slu.se