A Black Friday Disaster Hits IKEA’s Operator
Just before the biggest shopping weekend of the year—Black Friday—something went very wrong for IKEA’s franchise operator in parts of Europe. The company, called the Fourlis Group, runs IKEA stores in Greece, Cyprus, Romania, and Bulgaria. In late November 2024, just before the holiday rush, the group was hit by a cyberattack. It was a ransomware attack, which is a type of attack that locks computer systems.
This type of attack locks a company’s computer systems. Hackers demand money to unlock them. In this case, they caused more than just chaos. They created a big financial mess. The Fourlis Group said the attack caused a loss of about €20 million. That is nearly ₹191 crore in Indian money.
The attack mostly affected IKEA’s e-commerce (online shopping) and store systems. These systems were down for several weeks, from late November 2024 all the way into February 2025. Customers trying to shop online faced errors, and store operations slowed down, causing huge problems during a critical sales period.
The company officially admitted on December 3, 2024, that technical problems were not just random glitches but the result of a “malicious external action.” In simple terms, hackers had broken into their systems.
IKEA Hit Hardest, But Other Brands Were Also at Risk
The Fourlis Group doesn’t only manage IKEA stores. They are also responsible for other big brands like Intersport, Foot Locker, and Holland & Barrett in the same regions. However, IKEA was the main target and suffered the most from the ransomware attack.
By the end of December 2024, the group had already lost around €15 million (about ₹135 crore) in sales. And that wasn’t the end of it. Another €5 million in losses followed in the first few weeks of 2025, making it a total financial blow of ₹191 crore.
Even though no ransom was paid to the attackers, the damage was already done. The company brought in outside cybersecurity experts to help fix the systems and make them stronger. These experts also made sure that the hackers couldn’t attack again. In fact, several follow-up attempts by the hackers were stopped in time, thanks to the new protections.
Cyberattack Catastrophe: How Hackers Can Endanger Human Lives ?
The company also ran a detailed investigation to check if any customer data had been stolen. Thankfully, the findings showed no proof that personal data was taken or leaked. Still, Fourlis informed the data protection authorities in all four affected countries to stay within legal boundaries and keep things transparent.
No Group Claims Responsibility as Investigation Continues
Even months after the attack, no known hacker group has taken responsibility for the incident. Experts believe this might be because the attackers didn’t manage to steal any useful data or because they are still secretly trying to negotiate something with the company.
Ransomware attacks like this one are becoming more and more common. Big retail companies are especially attractive to cybercriminals, especially during busy times like Black Friday or the holiday season. These are periods when any technical breakdown can lead to major financial losses—and that’s exactly what happened in this case.
IKEA’s systems are back online now, but the attack caused big problems. Online shoppers faced delays and errors. In stores, workers had to manage without working systems. This led to confusion and stress. IKEA depends on fast and smooth service, so the impact was serious.
Critical Vulnerabilities: The Dark Side of Pacemaker Technology
The company says that even though some data was temporarily unavailable during the attack, they were able to restore access quickly. Their teams, along with the cybersecurity experts, worked around the clock to recover the systems and ensure safety.
The IKEA ransomware attack is one of the worst cyber incidents to hit a big retail company in Europe. The systems are now safe, and customers are shopping again. But the damage is already done. This attack shows that cyber threats can hit hard. They often come when companies are not ready.
