The work to mitigate effect of the IT attack is as already mentioned complex. But what kind of work is actually being done? In short, it is about restoring the companies IT environment in a safe way. The work is being done in two parallell tracks: One where the attack has been mapped in detail. This brings important knowledge which is needed in order to avoid further backlashes. By finding out exactly how the attackers performed the attack, it is possible to discover other traps and stop re-attacks. The second track is about constructing a new, non-contaminated IT environment, with further layers of security, where the companies are able to go back to normal operations. 

The new environment is in place, and the restoration of for example ERP systems are moving along in good speed. All of the affected companies are operative, however to different extents.   



The work to recover after the IT attack is still progressing according to plan. As previously communicated, when there are significant news it will be made public accordingly. Meanwhile, the companies are continuously getting their systems back and gradually getting back online. 

- We are making good progress, but this is a time consuming process. One of the reasons is that we are really careful to ensure that we will not suffer from re-attacks or other setbacks. The companies are really amazing and have been able to still deliver to customers by working around the obstacles in an absolutely impressive way, comments Niklas Stenberg, CEO. 


Delivery capacity is now being restored day by day, and affected companies work in parallel, until further, partly using alternative and off-line methods to operate. 

Due to the nature of the attack, our view is that our customers most likely have not been exposed to heightened cyber risks.

Our official phone number is functional with limitations. Customers that have questions on how to reach specific companies can get help from Addtech on +46 76 339 69 18.

For investigative purposes, we are still unable to give further detailed technical information.


As previously communicated, Addtech AB and 80 of its subsidiaries was hit by an IT attack on October 30. The crime, a so-called ransomware attack, has been reported to the Swedish police and is under investigation.

The work to restore systems is progressing according to plan, with active support from external experts. The goal is to get back fully operational as quickly as possible. The affected companies have been working hard to keep up operations using alternative and off-line methods, with full focus on minimizing negative impact on customers and operations.

The scale of potential data loss is still being assessed. Financial impact will be communicated as soon as it has been fully assessed.