IKEA’s Kuwait, Morocco franchises hit by Vice Society ransomware gang

Major Swedish furniture retail firm IKEA had its Kuwait and Morocco franchises compromised by the Vice Society ransomware gang, resulting in disruptions for certain operating systems, according to The Record, a news site by cybersecurity firm Recorded Future. Vice Society added both IKEA franchises on its leak site on Monday, with the shared file names suggesting the theft of business and employee data, as well as information from Jordan-based IKEA outlets. Investigation of the incident is ongoing, said an IKEA spokesperson, who emphasized that the attack impacting both franchises, which is owned by an independent Kuwait-based franchisee, has not impacted other IKEA retailers around the world. The attacks come nearly a year after IKEA was hit by a reply-chain phishing intrusion that compromised employees' internal email accounts with malware. Some IKEA organizations, business partners, and suppliers have also been affected by the particular attack, said IKEA in an internal email regarding the incident.