top of page
ZBRIQ MOTTO Transparent.png

Cyberattack in Sweden 2025: Environmental data hacked & why NIS2 is crucial

  • Catherine Higgins
  • Sep 18
  • 4 min read
Hacker at their computer

Large-scale cyberattack hits Sweden – Here's how your company can protect itself


At the end of August 2025, Sweden was hit by one of the largest cyberattacks in recent years. The IT provider Miljödata was subjected to a large-scale attack that affected around 200 municipalities and regions. The result was that sensitive personal data for up to 1.5 million people was leaked – everything from names and social security numbers to employment information.


For the affected organizations, this meant both disruptions in critical HR systems and a high risk of identity theft. But the attack is also a wake-up call for private companies: when a supplier goes down, the consequences can be enormous for everyone in the chain.


What happened during the Swedish attack in August?


  • When: Late August 2025

  • Affected: 200 municipalities, including Stockholm, Gothenburg and Skåne

  • Leaked data: Social security numbers, addresses, employment details, contact information

  • Method: Ransomware/cryptocurrency extortion

  • Impact: Business disruption, loss of trust and increased risk of fraud


Example: A single leaked social security number can be used to take out loans in an employee’s name or defraud co-workers through targeted phishing attempts. So it’s not just about technology – it’s about people’s safety.


Why is this important for businesses?


Although the attack primarily targeted public sector organisations, it shows how vulnerable all organisations are to supplier risks. Small and medium-sized businesses are particularly at risk – often without the resources to detect and stop breaches themselves in time.


The consequences of an attack are far greater than technical problems:

  • Financial costs – recovery, legal fees and loss of production.

  • Downtime – operations come to a standstill for days or weeks.

  • Loss of trust – customers and partners may start to doubt your protection.

According to international studies, an average cyber attack costs companies several million kronor – and that’s before the damage to trust is included.


NIS2 – why it’s more important than ever


The major attack on Environmental Data clearly shows why the EU’s new cybersecurity directive, NIS2, is not just a regulation – but a necessity.


From October 2024, stricter cybersecurity requirements will apply to thousands of Swedish companies and organizations. This includes:

  • Clearer responsibility for management – ​​company leaders must ensure that the right security measures are in place.

  • Incident reporting – serious cyber incidents must be reported within 24 hours.

  • Risk management requirements – continuous risk assessments, supplier checks and security procedures.

  • Greater penalties – deficiencies can lead to significant fines and personal liability.


The attack on Environmental Data shows how quickly an incident can spread throughout the entire supply chain. NIS2 makes it clear: cybersecurity is no longer optional, it is a business-critical obligation.


How we help our clients avoid the same fate


At ZBRIQ, we have a calm, proactive and human-focused approach to cybersecurity. We help companies take control of their risks and act before it's too late:

  • Dark Web scanning - discover if your data is already circulating on the dark web.

  • SOC (Security Operations Center) - 24/7 monitoring that quickly identifies and stops intrusion attempts.

  • Email & SaaS app protection - reduces the risk of phishing, spam and ransomware.

  • Incident Response & Recovery - if the worst happens, we help you return to normal operations as quickly as possible.


Our advice – lessons learned from the attack


At ZBRIQ, we work closely with our customers every day. When a risk arises, we act immediately – we are there to guide and support so that the problems do not grow. Our work is not just about solving incidents, but about building a safe everyday life for the people who are most exposed to the threats.


  1. Decision-makers and management – ​​often have higher security requirements because they handle sensitive information and can be targets for targeted attacks (so-called spear phishing).

  2. IT and security managers – need real-time support, proactive tools and a partner who can detect breaches before they have consequences.

  3. All employees – especially those who handle finance, HR or customer data – are exposed to phishing attempts every day.


Therefore, training and practical advice are a central part of our work. We show employees how to recognize:

  • Unusual sender addresses or domains

  • Spelling errors, grammatical errors, or strange wording

  • Links and attachments that don’t feel relevant

  • Urgency in the message: “act now,” “your invoice is due,” etc.


Being able to spot these signs early on can make the difference between a blocked attack and a major breach.


Our recommendations – for all companies


All organizations can take steps today to reduce their risks:

  • Map which suppliers handle your sensitive data

  • Introduce continuous monitoring of systems and networks

  • Have a clear incident plan – who does what when something happens?

  • Train staff to recognize phishing and other attacks

  • Ensure that your backups are tested and can be restored


Proactive protection – the key to security


The most important lesson from the Miljödata attack is that cybersecurity cannot wait. Acting only after an incident has occurred is often too late.


That is why we at ZBRIQ are proactive:

  • We continuously monitor our customers' environments

  • We react to threats immediately, before they have time to grow

  • We guide our customers through the entire process – from training to recovery


In this way, we create security, continuity and control for companies that want to be one step ahead of the next attack.

The best protection is to stay one step ahead


It is not possible to build 100% protection against cyberattacks – but you can make it significantly more difficult for attackers. It is about having the right tools, routines and culture in place before the incident occurs.


Cybersecurity is no longer just technology. It is people, processes and trust.


Conclusion


The threat landscape is growing – but you do not have to stand alone. Through the right combination of technology, processes and people, risks can be reduced and trust maintained.


At ZBRIQ, we help our customers create security, continuity and control in a digital world where threats never sleep.


Want to know how we can protect your company? Contact us for a review.


 
 
 
bottom of page