IKEA lost millions after 2024 'Black Friday' cyber attack

A cyber attack on a European operator of furniture store IKEA has revealed that a cyber attack it suffered last year has cost it tens of millions of dollars.

The Fourlis Group, which operates IKEA in Greece, Cyprus, Romania, and Bulgaria, suffered a cyber attack two days before Black Friday 2024.

Now, a release revealing Fourlis Group’s financial results showed that the cyber attack impacted its IKEA stores in Greece, Cyprus, Bulgaria, and Romania, leading to disruptions.

You’re out of free articles for this month

Username or Email

Password Forgot password?

Keep me signed in on this device.

First Name

Last Name

Mobile

Organisation Type

By becoming a member, I agree to receive information and promotional messages from Cyber Daily. I can opt out of these communications at any time. For more information, please visit our Privacy Statement.

Need help signing up? Visit the Help Centre.

Fourlis Group said its systems were restored as of March 2025 but that the impact led to a €15 million (A$27 million) loss in sales.

“In late 2024, we faced a cyber security incident that temporarily disrupted operations. However, we responded swiftly and effectively, protecting data, restoring systems, and safeguarding the group’s profitability,” said the CEO of Fourlis in the press release, according to media.

According to reports, the incident was a ransomware attack. However, no group has claimed responsibility. Fourlis did confirm it did not pay a ransom.

Fourlis first disclosed the attack on 2 December 2024, revealing that its “digital and electronic systems” were impacted on 27 November.

VIEW ALL

“It is clarified that no leakage of personal data has, so far, resulted from this malicious act,” the group said in the 2024 press release.

Prior to the Fourlis Group cyber incident, IKEA suffered from a phishing cyber campaign back in 2021.

The emails were being sent from other compromised IKEA organisations and business partners, resulting in other IKEA organisations, suppliers and business partners becoming compromised by the same attack, further spreading malicious emails to persons in inter IKEA, as explained in an internal email sent to IKEA employees.

“This means that the attack can come via email from someone that you work with, from any external organisation and as a reply to an already ongoing conversation.

“It is therefore difficult to detect, for which we ask you to be extra cautious,” the IKEA internal email said.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.

You need to be a member to post comments. Become a member for free today!

newsletter

Be the first to hear the latest developments in the cyber industry.

IKEA lost millions after 2024 'Black Friday' cyber attack

Daniel Croft

OUR PLATFORMS AND BRANDS

EVENTS AND SUMMITS

PODCASTS

LEARNING AND EDUCATION

MOMENTUM MARKETS NETWORK

LINKS

STAY CONNECTED