The IT supplier Miljödata has investigated the consequences of the cyberattack. The investigation shows that certain information about current and former employees at Chalmers has been leaked.
Last week it became known that Miljödata, the supplier of Adato – a system that Chalmers uses in the rehabilitation process for employees – had been subjected to a cyberattack. Miljödata has taken a range of measures, and a thorough investigation is under way into the incident and its consequences.
According to Miljödata’s investigation, certain personal data relating to current and former Chalmers employees has leaked from Adato to the attacker. Adato has been used at Chalmers since March 2022, so if your employment ended before that date, you are not affected by the leak.
Data that has leaked includes:
- names
- personal identity numbers
- contact details
- gender
- number of sick days
Miljödata stresses that no data has leaked that contains details of medical certificates, trade union membership, notes made by managers, or information on the reasons for rehabilitation plans.
Individuals at Chalmers with protected personal data have not had their protected details disclosed. At present, there is no indication that the leaked data has been disseminated further.
The investigation continues
Miljödata has reported the incident to the police and continues its work to investigate what happened and what consequences it may have. Miljödata has reinstalled the Adato system with additional security measures against future intrusion attempts.
In line with procedures, Chalmers has reported the matter to the Swedish Authority for Privacy Protection (IMY) and is monitoring developments.
Any questions, please contact HR on hr@chalmers.se
Chalmers Data protection officer can be contacted on dataskydd@chalmers.se.