View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 26, 2023

Welsh furniture store chain Leekes ‘suffers ransomware attack’ by NoEscape

The group employs double extortion tactics, and claims to have stolen a large amount of the company's information.

By Claudia Glover

Ransomware gang NoEscape claims to have struck a chain of furniture stores. The group claims to have stolen 130GB of data from the Glamorgan-based Leekes.

Leekes cyberattack
Welsh furniture company Leekes has been hit by an apparent ransomware cyberattack. (Photo by aappp/Shutterstock)

The company was posted to the gang’s victim blog on 17 September, with NoEscape threatening to post an “update” today. It is unknown whether a ransom demand has been made, or if the company is co-operating with the hackers.

Screengrabs of the post circulating throughout the online community show the acronym DDoS in the bottom left of the post, hinting that one of the weapons of choice for this particular attack could have been a distributed denial of service attack (DDoS), which overwhelms a website with too many requests for it to handle.  

Leekes sells furniture and other homeware and operates six stores in Wales and the West of England. Tech Monitor has contacted the company for comment on the incident but has yet to hear back at the time of writing.

NoEscape from determined hackers

NoEscape is a ransomware gang that practices double extortion techniques to pressure its victims into paying. This means the gang will encrypt an organisation’s network infrastructure with ransomware, but only after it has stolen sensitive data. It will then offer the victim company the decryption key for a price, while also threatening to release the stolen information onto the dark web if they refuse to pay.

The gang’s recent victims include the German Federal Bar Association, which represents 166,000 lawyers. It reportedly discovered the attack on 2 August, stating that: “The Brussels office… fell victim to a criminal cyberattack, which led to a failure of the IT systems.” Once discovered, “all network connections were immediately severed”.

The gang also made headlines in June for attacking the Hawaii Community College in Hawaii, with the college paying the ransom demand to to get its data back. “After determining that the compromised data most likely contained personal information of approximately 28,000 individuals, the University of Hawaii made the difficult decision to negotiate with the threat actors in order to protect the individuals whose sensitive information might have been compromised,” the school said at the time.

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Read more: Ransomware explained: Here’s what you need to know

Topics in this article :
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.