Swedish furniture giant Ikea confirmed that its stores in North Africa and the Middle East have fallen victim to a ransomware attack by ransomware gang Vice Society.
“IKEA Morocco and Kuwait faced a cyberattack, which disrupted some operating systems. The attack is being investigated in collaboration with the competent authorities and our cybersecurity partners,” the company said in a Twitter post in French, which was reported by Cyber news (opens in new tab).
IKEA also noted that these stores are under the Kuwaiti franchise and are thus separate from other IKEA businesses around the world.
Sensitive data leaks
IKEA is headquartered in the Netherlands and has three stores in Kuwait and four in Morocco.
In all likelihood, the attack is not recent, as Vice Society has already added the sensitive files stolen in the attack to its data breach website. That probably means that the negotiations have already broken down and the company did not comply with the ransom demands.
Cybernews analyzed the data posted and says some of the filenames there suggest an IKEA store in Jordan has also been compromised. The company operates two stores in that country. The leaked data may contain employee passport details, it was said.
As a major global brand, IKEA is often targeted by cybercriminals. Last November, it was reported that the company’s mailboxes were the target of a major reply-all email chain attack.
“Other Ikea organizations, suppliers and business partners are compromised by the same attack and are spreading malicious software (opens in new tab) emails to individuals within Inter Ikea,” the company said in an internal email sent to its employees at the time.
Vice Society, on the other hand, is a relatively new operation created in late 2020, but has already compromised at least 125 organizations worldwide, perhaps most notoriously the Los Angeles Unified School District (LAUSD), whose records are also leaked after ransom negotiations broke down.
Through: Cyber news (opens in new tab)