The browser you are using is not supported by this website. All versions of Internet Explorer are no longer supported, either by us or Microsoft (read more here: https://www.microsoft.com/en-us/microsoft-365/windows/end-of-ie-support).

Please use a modern browser to fully experience our website, such as the newest versions of Edge, Chrome, Firefox or Safari etc.

The cyberattack targeting Lund University's system supplier, Miljödata

På svenska
By webbansvarig [at] hr [dot] lu [dot] se (HR-sektionens webbansvarig) - published 15 September 2025
Hacker using computer virus for cyber attack. Mostphotos.

An investigation by Miljödata AB, the company which supplies the Adato system to Lund University, shows that the group behind the cyberattack on Adato was able to access certain information about all of the University’s employees. Former employees are also affected.

This page was updated 29 September 2025.

Both current and former employees of Lund University are affected, with the latter group including those employed from 2008 onwards.

According to Miljödata AB, the data stolen in the Adato rehabilitation service data breach was later published on the Darknet.

Be vigilant

Given these circumstances, staff members are encouraged to be particularly vigilant if they are contacted by persons or companies with whom they have not previously had contact, or when contact is made in an unusual way.
This applies to all forms of communication – phone calls, text messages, letters or emails. Both your work-related and private contact details may be affected.

FAQs 

Yes, it is now possible to use Adato at Lund University again. Based on information from Miljödata, the University conducted a controlled start-up of Adato on 1 September 2025. 

Miljödata has implemented a number of additional security measures including technical and organisational changes to improve security.

The leaked information includes personal identity number, name, address, contact details and rehab chain days. Rehab chain days refers to data on the number of sick days reported to other public authorities.

Miljödata has clarified that the leak does not include information related to the health of employees (e.g. medical certificates or information about the reasons for rehabilitation plans), details of trade union engagement or notes made by managers.

The University has submitted a police report and a notification to the Swedish Data Protection Authority (IMY) based on the information provided by Miljödata. An incident report has also been submitted to the Swedish Civil Contingencies Agency (MSB). We await the results of those investigations. 

Lund University works actively to avoid data breaches at a central level, but there are also many things we can do ourselves, as employees.

One important element is for all employees to improve their knowledge of information security.

Take the basic information security course on Kompetensportalen.

Here are five tips on how to improve your IT security:

There are many things you can do. Here are five useful tips. 

  1. Think before you click. Be wary of links in emails – even if they appear to come from a colleague or manager. Check the sender carefully. Even if the email appears to come from a well-known sender, you should be wary of strange links.
  2. Report suspicious emails. Have you received a strange email? Report this straight away. This helps University IT organisations to act quickly and protect others. If you suspect that you have fallen for any type of phishing, it is important that you change your password immediately. You report this to LU Servicedesk as usual, servicedesk [at] lu [dot] se.
  3. Be careful about using computers and phones other than your own. A common reason for passwords being compromised is through the use of an insecure computer or phone. You might use a shared family computer with weaker security. Perhaps you borrow a computer from a colleague at a conference to check your emails. Or you take an old, scrapped computer out of your desk drawer. When you use a computer managed by Lund University, you know that it is protected from viruses and similar threats.
  4. Update your software regularly. Make sure your computer and known apps/programs are up to date. If an “Update software” banner appears, you are to install the update. Security updates eliminate known vulnerabilities.  
  5. Lock your computer whenever you leave it unattended. This is an easy way of preventing unauthorised access, especially in open office environments. 

Never share your login details. Not even with your closest colleague. Your login details are yours alone.

When travelling or commuting, there are several things to bear in mind to increase IT security. We have summarised this advice in a Travel Safety Checklist.

Have you received a strange email? Report this straight away to LU Servicedesk servicedesk [at] lu [dot] se (servicedesk[at]lu[dot]se).

This helps University IT organisations to act quickly and protect others. If you suspect that you have fallen for any type of phishing, it is important that you change your password immediately.

More reading

You can read more about how to protect yourself on the following pages:

You can raise any further questions you might have with your manager. Managers can get support from HR.

About the attack

Lund University's system supplier Miljödata AB was subjected to a cyberattack over the weekend of 23-24 August. Miljödata supplies the Adato system to Lund University. Adato is a system used primarily to document and manage rehabilitation cases.

To contain the cyberattack, Miljödata initially took their systems offline, which meant that their customers could not use Adato. At first, Miljödata was also initially unable to see any signs of data having been taken. They brought in external expertise to investigate the incident and to restore the affected systems. 

Latest news

Link to RSS
All news
Last updated: 29 Sep 2025