Swedish furniture powerhouse Ikea has confirmed that its stores in North Africa and the Middle East fell victim to a ransomware attack by the Vice Society ransomware gang.

«IKEA Morocco and Kuwait have faced a cyber attack that has caused interruptions in certain operating systems. The attack is being investigated in collaboration with the relevant authorities, as well as our cybersecurity partners," the company said in a Twitter post in French, which was reported by Cybernews. (opens in a new tab).

IKEA also noted that these stores are under the Kuwait franchise and therefore separate from other IKEA companies around the world.

Sensitive data leaks

IKEA's head office is in the Netherlands and it has three stores in Kuwait and four in Morocco.

The attack is probably not recent, as Vice Society has already added the confidential files stolen in the attack to its data breach website. This probably means that the negotiations have already failed and the company has not responded to the ransom demands.

Cybernews has analyzed the published data and says that some of the file names suggest that an IKEA store in Jordan has also been compromised. The company operates two stores in this country. The leaked data could include employees' passport data, it was said.

As one of the world's leading brands, IKEA is often the target of cybercriminals. In November last year, it was reported that company mailboxes were subjected to a major attack by the reply-all email chain.

"Other Ikea organizations, suppliers and business partners are compromised by the same attack and are spreading more malicious emails (opens in a new tab) to people from Inter Ikea," the company said in an internal email sent to its employees on that moment. .

Vice Society, on the other hand, is a relatively new operation formed in late 2020, but has already engaged at least 125 organizations around the world, perhaps the most notorious being the Los Angeles Unified School District (LAUSD), whose data was also leaked after the ransom. the negotiations failed.

Via: Cybernews (Opens in a new tab)

Share This