Ransomware victim disclosure
← All victimsMiljödata
Claimed by Datacarry · listed 10 months ago
Status timeline
- ListedSep 13, 2025
- Data leakeddate unknown
At a glance
About the victim
AI dossier — public-source company profileMiljödata is a Sweden-based company specialising in the development of systems and software for monitoring environmental quality. Their solutions cover groundwater, surface water, air, and precipitation, and include specialised measuring methods for tracking mercury in the environment. The company offers turn-key solutions for environmental monitoring stations.
- Industry
- Environmental Monitoring Systems & Software
Attack summary
Severity: medium — Data is listed as published, indicating confirmed exfiltration rather than a mere announcement; however, no regulated PII at scale, medical, financial, or government/defence data is identified, and the scope and sensitivity of the disclosed data are unclear.The group datacarry claims to have published data belonging to Miljödata, with the disclosure status recorded as data_published; no specific details on encryption or volume of exfiltrated data are stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Environmental monitoring data
- Internal company data (unspecified)
Original description
AI-summarised, not from the leak postMiljödata, based in Sweden, specializes in developing systems to monitor environment quality. Their products are used in studying environmental changes within aspects like groundwater, surface water, air, and precipitation. They develop measuring methods and systems for tracking mercury in the environment and offer turn-key solutions for environmental monitoring stations.
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

