The Biggest Furniture Chain Was Just Hit With A Massive Cyberattack

By Charlene Badasie | Published


IKEA has been hit by a cyber attack affecting some of its franchises in North Africa and the Middle East. The Swedish furniture giant said stores in Morocco and Kuwait fell victim to a ransomware attack by the notorious Vice Society. As a result, there have been disturbances in some of its operating systems. The group, known for extortion attacks on healthcare and educational organizations, allegedly posted confidential business data taken from the outlets.

Names of the IKEA files on Vice Society’s leak site point to threat actors taking data stored in Jordan as well. File and folder names indicate that sensitive employee data may have also been leaked, CyberNews reports. The furniture maker confirmed the attack on social media, saying investigations in collaboration with authorities and its cyber security partners are ongoing. Since the breached stores are independently operated by a Kuwait-based franchise, other locations remain unaffected.

Headquartered in the Netherlands, IKEA operates two stores in Jordan, three in Kuwait, and four in Morocco. According to TechRadar, the attack is not recent since the data has already been uploaded to the Vice Society leak website. That means negotiations probably broke down, with the company unable to meet the ransom demands.

As a major global brand, IKEA is often targeted by cybercriminals. In 2021, the company’s mailboxes were hit by a massive reply-all email chain attack. Speaking about the incident at the time, a spokesperson for the firm said, “Other organizations, suppliers, and business partners are compromised by the same attack and are further spreading malicious emails to persons in Inter IKEA.”

Unlike IKEA, Vice Society is a relatively new hacker group. Formed in June 2021, the group is believed to be Russian-speaking and has carried out cyber attacks on approximately 125 organizations worldwide. The largest was a breach of the Los Angeles Unified School District, which also had its data leaked after ransom negotiations broke down. However, the hackers have not developed their own attack tools. Instead, they use the Hello Kitty/Five Hands and Zeppelin ransomware toolkits.

Since attacks on retail stores like IKEA only make up 7% of the Vice Society’s victims, the group has focused on breaching the education sector between July and October 2022. But they are always in search of organizations with weaker security controls and a higher likelihood of compromise and ransom payout,” according to Microsoft report via The Record. Hacker groups are opportunistic and make a buck whenever and wherever they can.

Away from the cyber attack, Ingka Group, the owner of most IKEA furniture stores, plans to introduce additional price cuts as some input costs ease. This is a reversal from last year’s price hikes to counter soaring inflation. According to Reuters, the furniture outlet was able to lower some prices as stock volume improved and supply chains recovered.

“We are optimistic to continue focusing on lowering prices where we can,” Tolga Oncu, Head of Retail at IKEA’s parent company said. “I am quite optimistic going forward.” The lessening of some input costs, like metal and sea transport, will also allow the company to make more reductions. Additionally, opportunities for efficiencies in operations continue to deliver profits while lower prices should attract new cost-conscious customers.