Swedish furniture powerhouse Ikea confirmed that its shops in North Africa and the Middle East fell victim to a ransomware attack by the ransomware gang Vice Society.
“IKEA Morocco and Kuwait faced a cyber attack, causing disruptions on some operating systems. The attack is being investigated in collaboration with the competent authorities as well as our cybersecurity partners,” the company said in a Twitter post in French, which was reported by Cybernews (opens in new tab).
IKEA also noted that these shops are under the Kuwaiti franchise, and thus separate from other IKEA companies around the world.
Sensitive data leaks
IKEA’s headquarters are in the Netherlands and has three stores in Kuwait and four in Morocco.
The attack is not recent, in all likelihood, as Vice Society has already added the sensitive files stolen in the attack to its data leak website. That likely means that the negotiations have already broken down and that the company did not meet the ransom demands.
Cybernews analyzed the data that was posted and says that some of the file names there suggest an IKEA store in Jordan was compromised, as well. The company operates two stores in that country. The data leaked might include employee passport data, it was said.
As a major global brand, IKEA is often the target of cybercriminals. In November last year, it was reported the company’s mailboxes were the target of a major reply-all email chain attack.
“Other Ikea organizations, suppliers, and business partners are compromised by the same attack and are further spreading malicious (opens in new tab) emails to persons in Inter Ikea,” the company said in an internal email sent to its employees at the time.
Vice Society, on the other hand, is a relatively new operation formed in late 2020, but one that has already compromised at least 125 organizations worldwide, perhaps most notoriously the Los Angeles Unified School District (LAUSD), which also had its data leaked after ransom negotiations broke down.
Via: Cybernews (opens in new tab)
