Swedish furniture retailer IKEA is ‘investigating’ claims that hackers have stolen data in a recent breach claim.
The group known as Lapsus$, which are the same hackers who previously targeted Microsoft and Uber, claims to be selling 180GB of internal data – allegedly stolen from Ingka Group, the largest franchisee of the IKEA brand.
It is understood that the allegedly exposed data includes internal source code, with the listing claiming it includes “full mapping of global e-commerce architecture and internal coworker platforms,” as well as “supply chain logistics, cloud infrastructure, and AI/MLOps repositories”.
According to Cybernews, its researchers have reviewed the sample and found that it contains references to around 6,300 directories.
In a short statement, IKEA said: “We are aware of claims that data relating to Ingka Group has been advertised for sale online. We are investigating the matter and assessing the information available. As this work is ongoing, we are unable to comment further.”
