Extortion attempt and 20 million euros in damage – IKEA hit by cyberattack

By: Trademagazin Date: 2025. 04. 11. 11:38

A cyberattack on IKEA’s Southeast European region in late 2024 has caused significant financial losses, but the details have only just been made public. The furniture chain was hit on November 27, just days before Black Friday, causing technical problems on its online platforms and delays in product deliveries.

Forlis Group, which operates IKEA stores in Bulgaria, Cyprus, Greece and Romania, reported a total loss of €20 million. The company said €5 million of this was incurred in 2025, meaning the impact went far beyond the immediate weeks following the attack.

“The incident caused temporary disruptions in the supply of stores, primarily in the home furnishing segment (IKEA stores) and e-commerce activities between December 2024 and February 2025,”

the company’s official statement says.

With the ransomware attack, the cyber attackers tried to extort money from the company, but IKEA’s management decided not to pay, reported Dimitris Valachis, CEO of Forlis Group. The restoration of the systems was carried out with the involvement of external cybersecurity experts.

However, the series of attacks did not end: further attempts were made, but these were successfully thwarted by the company’s IT security team. During the investigations, no evidence of data theft or leakage of sensitive data was found. No known ransomware group claimed responsibility for the attack – presumably because they failed to achieve their goal.

According to the report, also cited by Quality Placement (QP), Forlis Group is now planning further investments in improving its IT security. The incident clearly shows that even large international chains are not safe from digital threats, and with the growing presence of e-commerce, such attacks pose an increasing risk to business.