IIG
Company Details
Linkedin ID:
interikeagroup
Website:
Employees number:
1,317
Number of followers:
140,197
NAICS:
337
Industry Type:
Homepage:
ikea.com
IP Addresses:
0
Company ID:
INT_2103515
Scan Status:
In-progress
Inter IKEA Group Company CyberSecurity Posture
ikea.com
ONE BRAND, MANY COMPANIES AND MANY, MANY PEOPLE We’re a diverse group of down-to-earth, straightforward people with a passion for home furnishing. We come from all over the world, but we share an inspiring vision: “to create a better everyday life for the many people”. How we realise this vision is based on our shared humanistic values. These values are the foundation of our work and our inclusive, open and honest culture where you can be yourself. Our culture is based on the spirit of togetherness, enthusiasm and fun. And we’re always looking for people who share our positive attitude and values. IKEA unites thousands of co-workers and hundreds of companies with different owners, all over the world, organised in a franchise system. It’s one brand but it reaches millions of hearts and homes. ABOUT INTER IKEA GROUP The purpose of Inter IKEA Group is to secure continuous improvement, development, expansion and a long life of the IKEA Concept. It has three core businesses: Franchise, Range & Supply and Industry. • Inter IKEA Systems B.V. is the owner of the IKEA Concept and the worldwide IKEA franchisor. The assignment is to continuously develop the IKEA Concept and to ensure its successful implementation in existing and new markets. 11 different groups of companies own and operate IKEA sales channels under franchise agreements with Inter IKEA Systems B.V. A large group of franchisees are owned & operated by INGKA Group. Inter IKEA Systems B.V. also assigns different IKEA companies to develop range, supply and communication. • IKEA Range & Supply is responsible for developing and supplying the global IKEA range. This means working with the whole value chain: from the needs and wants of the many people, through product development and the sourcing of raw materials, to a product’s end-of-life. • IKEA Industry is the largest producer of wooden furniture in the world and manufactures wood-based furniture for the IKEA product range. We can offer a wide variety of exciting roles and assignments - from product development to production and from distribution and store design to interior design. And much, much more! And we’re always looking for people who have the desire to learn and grow professionally right along with our business. We can offer a wide variety of exciting roles and assignments - from product development to production and from distribution and store design to interior design. And much, much more! And we’re always looking for people who have the desire to learn and grow professionally right along with our business.
Inter IKEA Group A.I CyberSecurity Scoring
IIG Risk Score (AI oriented)Between 750 and 799
IIG
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
IIG Global Score (TPRM)XXXX
IIG
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
IIG Company CyberSecurity News & History
Past Incidents
4
Attack Types
2
IKEA
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Ikea Canada suffered a data breach incident that compromised the personal information of approximately 95,000 customers. The compromised information included customer names, email addresses, phone numbers, and postal codes, however, no financial or banking information was exposed. They reviewed and updated internal processes to prevent such incidents in the future.
IKEA
Breach
Rankiteo Explanation
Attack threatening the organization's existence
Description: Vice Society targeted the IKEA stores in Morocco and Kuwait and posted data taken from them on their leak site. They managed to steal confidential business data and even sensitive employee information.
IKEA
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: IKEA fell prey to a cyber attack in internal phishing attacks using stolen reply-chain emails. IKEA organizations, suppliers, and business partners were compromised by the attack and it was still spreading to other systems as well. IT team warned the employees to not open any mail containing suspicious links and report it to them immediately if received
IKEA
Cyber Attack
Rankiteo Explanation
Attack threatening the organization's existence
Description: According to BleepingComputer, IKEA is fending off an alleged reply-chain phishing attempt that targets internal mailboxes and sends emails from other compromised IKEA groups and business partners. The attack compromised IKEA businesses, suppliers, and business partners, and it was still spreading to additional systems. They asked the employees to not open any mail containing suspicious links and report it to them immediately if received.
IIG Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for IIG
Incidents vs Furniture and Home Furnishings Manufacturing Industry Average (This Year)
No incidents recorded for Inter IKEA Group in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Inter IKEA Group in 2025.
Incident Types IIG vs Furniture and Home Furnishings Manufacturing Industry Avg (This Year)
No incidents recorded for Inter IKEA Group in 2025.
Incident History — IIG (X = Date, Y = Severity)
IIG cyber incidents detection timeline including parent company and subsidiaries
IIG Company Subsidiaries
ONE BRAND, MANY COMPANIES AND MANY, MANY PEOPLE We’re a diverse group of down-to-earth, straightforward people with a passion for home furnishing. We come from all over the world, but we share an inspiring vision: “to create a better everyday life for the many people”. How we realise this vision is based on our shared humanistic values. These values are the foundation of our work and our inclusive, open and honest culture where you can be yourself. Our culture is based on the spirit of togetherness, enthusiasm and fun. And we’re always looking for people who share our positive attitude and values. IKEA unites thousands of co-workers and hundreds of companies with different owners, all over the world, organised in a franchise system. It’s one brand but it reaches millions of hearts and homes. ABOUT INTER IKEA GROUP The purpose of Inter IKEA Group is to secure continuous improvement, development, expansion and a long life of the IKEA Concept. It has three core businesses: Franchise, Range & Supply and Industry. • Inter IKEA Systems B.V. is the owner of the IKEA Concept and the worldwide IKEA franchisor. The assignment is to continuously develop the IKEA Concept and to ensure its successful implementation in existing and new markets. 11 different groups of companies own and operate IKEA sales channels under franchise agreements with Inter IKEA Systems B.V. A large group of franchisees are owned & operated by INGKA Group. Inter IKEA Systems B.V. also assigns different IKEA companies to develop range, supply and communication. • IKEA Range & Supply is responsible for developing and supplying the global IKEA range. This means working with the whole value chain: from the needs and wants of the many people, through product development and the sourcing of raw materials, to a product’s end-of-life. • IKEA Industry is the largest producer of wooden furniture in the world and manufactures wood-based furniture for the IKEA product range. We can offer a wide variety of exciting roles and assignments - from product development to production and from distribution and store design to interior design. And much, much more! And we’re always looking for people who have the desire to learn and grow professionally right along with our business. We can offer a wide variety of exciting roles and assignments - from product development to production and from distribution and store design to interior design. And much, much more! And we’re always looking for people who have the desire to learn and grow professionally right along with our business.
Loading...
IIG Similar Companies
Mercadona
Mercadona is a leading company of physical supermarkets in Spain with an online service, with over 1,600 stores and more than 5.7 million households as customers. Additionally, it has more than 30 stores in Portugal, with a presence in nine different districts. A family-owned company, its objective
UNIQLO
About UNIQLO LifeWear Apparel that comes from the Japanese values of simplicity, quality, and longevity. Designed to be of the time and for the time, LifeWear is made with such modern elegance that it becomes the building blocks of each individual’s style. A perfect shirt that is always being made m
Foot Locker
Foot Locker, Inc. is a leading footwear and apparel retailer that unlocks the “inner sneakerhead” in all of us. With approximately 2,500 retail stores in 26 countries across North America, Europe, Asia, Australia, and New Zealand, and a franchised store presence in the Middle East and Asia, Foot Loc
Victoria’s Secret & Co. (NYSE: VSCO) is a specialty retailer of modern, fashion-inspired collections including signature bras, panties, lingerie, casual sleepwear, athleisure and swim, as well as award-winning prestige fragrances and body care. VS&Co is comprised of market leading brands, Victoria’s
Shoppers Drug Mart
Built on a foundation of professional expertise and personal service, Shoppers Drug Mart has been meeting Canadians' health care needs for 50 years. What was once a small pharmacy in Toronto has grown into an organization of over 1,200 stores from coast to coast, becoming an indelible part of the l
OXXO
Somos la cadena de tiendas de conveniencia más grande de México y América Latina, con 45 años de experiencia y más de 22 mil establecimientos ubicados a lo largo de la República Mexicana, Colombia, Perú, Chile y Brasil. En OXXO como compañía 100% mexicana y como parte de la División Proxi
.png)
IIG CyberSecurity News
November 10, 2025 08:00 AM
Inter IKEA FY25 profit declines as tariffs and higher costs impact
Inter IKEA Group has reported a decline in profitability for the year ended 31 August 2025 (FY25), hit by tariffs and rising costs.
November 06, 2025 08:00 AM
Inter IKEA Group Announces Forest Investment as Part of 100M Euro Commitment to Climate Action
As part of the previously announced Inter IKEA Group investment of €100 million for removing and storing carbon, IKEA is now launching a...
October 17, 2025 07:00 AM
Inter Ikea Group retail sales fall 1% in FY25
Inter Ikea Group recorded a 1% decline in total retail sales for the financial year 2025 (FY25) that ended on 31 August.
September 18, 2025 07:00 AM
Inter IKEA switches CEOs as it focuses on cash-strapped consumers
Inter IKEA Group CEO Jon Abrahamsson Ring will step down at the end of the year, the owner of the world's biggest furniture brand said on...
June 24, 2025 07:00 AM
Colorifix secures $18m to rollout sustainable dyeing process
Colorifix has closed its funding round to support the full-scale commercial manufacturing of its sustainable biological dyeing process.
April 14, 2025 07:00 AM
IKEA lost millions after 2024 'Black Friday' cyber attack
The Fourlis Group, which operates IKEA in Greece, Cyprus, Romania, and Bulgaria, suffered a cyber attack two days before Black Friday 2024.
January 07, 2025 08:00 AM
Greece's 2024 Cyber Threat Landscape: A Year Of Increased And Varied Attacks
The year 2024 proved challenging for cybersecurity in Greece, with a significant surge in the volume and sophistication of cyberattacks.
December 06, 2024 08:00 AM
2025 agenda now live!
We are excited to announce the highly anticipated agenda for Identity Week Europe 2025, taking place on the 17-18 June in Amsterdam.
December 06, 2024 08:00 AM
Cleantech company Nilo secures $13m in series A fund raise
Cleantech company Nilo has secured a $13 million series A capital raise let by Inter IKEA and venture capital firm Pacific Channel.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
IIG CyberSecurity History Information
Official Website of Inter IKEA Group
The official website of Inter IKEA Group is http://www.inter.ikea.com/.
Inter IKEA Group’s AI-Generated Cybersecurity Score
According to Rankiteo, Inter IKEA Group’s AI-generated cybersecurity score is 765, reflecting their Fair security posture.
How many security badges does Inter IKEA Group’ have ?
According to Rankiteo, Inter IKEA Group currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Inter IKEA Group have SOC 2 Type 1 certification ?
According to Rankiteo, Inter IKEA Group is not certified under SOC 2 Type 1.
Does Inter IKEA Group have SOC 2 Type 2 certification ?
According to Rankiteo, Inter IKEA Group does not hold a SOC 2 Type 2 certification.
Does Inter IKEA Group comply with GDPR ?
According to Rankiteo, Inter IKEA Group is not listed as GDPR compliant.
Does Inter IKEA Group have PCI DSS certification ?
According to Rankiteo, Inter IKEA Group does not currently maintain PCI DSS compliance.
Does Inter IKEA Group comply with HIPAA ?
According to Rankiteo, Inter IKEA Group is not compliant with HIPAA regulations.
Does Inter IKEA Group have ISO 27001 certification ?
According to Rankiteo,Inter IKEA Group is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Inter IKEA Group
Inter IKEA Group operates primarily in the Furniture and Home Furnishings Manufacturing industry.
Number of Employees at Inter IKEA Group
Inter IKEA Group employs approximately 1,317 people worldwide.
Subsidiaries Owned by Inter IKEA Group
Inter IKEA Group presently has no subsidiaries across any sectors.
Inter IKEA Group’s LinkedIn Followers
Inter IKEA Group’s official LinkedIn profile has approximately 140,197 followers.
NAICS Classification of Inter IKEA Group
Inter IKEA Group is classified under the NAICS code 337, which corresponds to Furniture and Related Product Manufacturing.
Inter IKEA Group’s Presence on Crunchbase
No, Inter IKEA Group does not have a profile on Crunchbase.
Inter IKEA Group’s Presence on LinkedIn
Yes, Inter IKEA Group maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/interikeagroup.
Cybersecurity Incidents Involving Inter IKEA Group
As of November 28, 2025, Rankiteo reports that Inter IKEA Group has experienced 4 cybersecurity incidents.
Number of Peer and Competitor Companies
Inter IKEA Group has an estimated 2,617 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Inter IKEA Group ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Breach.
How does Inter IKEA Group detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an containment measures with warning employees to not open suspicious emails, and remediation measures with reviewed and updated internal processes, and containment measures with employees asked not to open suspicious links, and communication strategy with report suspicious emails to ikea..
Incident Details
Can you provide details on each incident ?
Title: IKEA Phishing Attack
Description: IKEA fell prey to a cyber attack in internal phishing attacks using stolen reply-chain emails. IKEA organizations, suppliers, and business partners were compromised by the attack and it was still spreading to other systems as well. IT team warned the employees to not open any mail containing suspicious links and report it to them immediately if received.
Type: Phishing
Attack Vector: Phishing emails
Vulnerability Exploited: Email reply-chain exploitation
Title: Ikea Canada Data Breach
Description: Ikea Canada suffered a data breach incident that compromised the personal information of approximately 95,000 customers. The compromised information included customer names, email addresses, phone numbers, and postal codes, however, no financial or banking information was exposed.
Type: Data Breach
Title: IKEA Reply-Chain Phishing Attack
Description: IKEA is fending off an alleged reply-chain phishing attempt that targets internal mailboxes and sends emails from other compromised IKEA groups and business partners.
Type: Phishing
Attack Vector: Email
Title: Vice Society Data Breach at IKEA Stores in Morocco and Kuwait
Description: Vice Society targeted the IKEA stores in Morocco and Kuwait and posted data taken from them on their leak site. They managed to steal confidential business data and even sensitive employee information.
Type: Data Breach
Threat Actor: Vice Society
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Phishing emails and Email.
Impact of the Incidents
What was the impact of each incident ?
Incident : Phishing IKE183226322
Systems Affected: IKEA organizationssuppliersbusiness partners
Incident : Data Breach IKE201526822
Data Compromised: Customer names, Email addresses, Phone numbers, Postal codes
Payment Information Risk: No
Incident : Phishing IKE1521111122
Systems Affected: Internal mailboxes
Incident : Data Breach IKE00291122
Data Compromised: Confidential business data, Sensitive employee information
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Customer Names, Email Addresses, Phone Numbers, Postal Codes, , Confidential Business Data, Sensitive Employee Information and .
Which entities were affected by each incident ?
Incident : Data Breach IKE201526822
Entity Name: Ikea Canada
Entity Type: Retail
Industry: Furniture
Location: Canada
Customers Affected: 95000
Incident : Data Breach IKE00291122
Entity Name: IKEA
Entity Type: Retail
Industry: Home Furnishings
Location: MoroccoKuwait
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Phishing IKE183226322
Containment Measures: Warning employees to not open suspicious emails
Incident : Data Breach IKE201526822
Remediation Measures: reviewed and updated internal processes
Incident : Phishing IKE1521111122
Containment Measures: Employees asked not to open suspicious links
Communication Strategy: Report suspicious emails to IKEA
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach IKE201526822
Type of Data Compromised: Customer names, Email addresses, Phone numbers, Postal codes
Number of Records Exposed: 95000
Personally Identifiable Information: customer namesemail addressesphone numberspostal codes
Incident : Data Breach IKE00291122
Type of Data Compromised: Confidential business data, Sensitive employee information
Sensitivity of Data: High
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: reviewed and updated internal processes, .
How does the company handle incidents involving personally identifiable information (PII) ?
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through by warning employees to not open suspicious emails, , employees asked not to open suspicious links and .
References
Where can I find more information about each incident ?
Incident : Phishing IKE1521111122
Source: BleepingComputer
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: BleepingComputer.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Report Suspicious Emails To Ikea.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Phishing IKE183226322
Entry Point: Phishing emails
Incident : Phishing IKE1521111122
Entry Point: Email
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an Vice Society.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were customer names, email addresses, phone numbers, postal codes, , confidential business data, sensitive employee information and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was IKEA organizationssuppliersbusiness partners and Internal mailboxes.
Response to the Incidents
What containment measures were taken in the most recent incident ?
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Warning employees to not open suspicious emails and Employees asked not to open suspicious links.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were phone numbers, confidential business data, customer names, email addresses, postal codes and sensitive employee information.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 950.0.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is BleepingComputer.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Phishing emails and Email.
.png)
Latest Global CVEs (Not Company-Specific)
Description
ThingsBoard in versions prior to v4.2.1 allows an authenticated user to upload malicious SVG images via the "Image Gallery", leading to a Stored Cross-Site Scripting (XSS) vulnerability. The exploit can be triggered when any user accesses the public API endpoint of the malicious SVG images, or if the malicious images are embedded in an `iframe` element, during a widget creation, deployed to any page of the platform (e.g., dashboards), and accessed during normal operations. The vulnerability resides in the `ImageController`, which fails to restrict the execution of JavaScript code when an image is loaded by the user's browser. This vulnerability can lead to the execution of malicious code in the context of other users' sessions, potentially compromising their accounts and allowing unauthorized actions.
Risk Information
cvss4
Base: 6.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).
Risk Information
cvss3
Base: 9.9
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
References
Description
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to sanitize team email addresses to be visible only to Team Admins, which allows any authenticated user to view team email addresses via the GET /api/v4/channels/{channel_id}/common_teams endpoint
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
References
Description
Exposure of email service credentials to users without administrative rights in Devolutions Server.This issue affects Devolutions Server: before 2025.2.21, before 2025.3.9.
Description
Exposure of credentials in unintended requests in Devolutions Server.This issue affects Server: through 2025.2.20, through 2025.3.8.
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=interikeagroup' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
