According to BleepingComputer, IKEA is fending off an alleged reply-chain phishing attempt that targets internal mailboxes and sends emails from other compromised IKEA groups and business partners.
The attack compromised IKEA businesses, suppliers, and business partners, and it was still spreading to additional systems.
They asked the employees to not open any mail containing suspicious links and report it to them immediately if received.
Source: https://www.msspalert.com/cybersecurity-breaches-and-attacks/phishing/ikea-cyberattack-details/
TPRM report: https://scoringcyber.rankiteo.com/company/ikea
"id": "ike1521111122",
"linkid": "ikea",
"type": "Cyber Attack",
"date": "11/2021",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"{'affected_entities': [{'industry': 'Home Furnishings',
'name': 'IKEA',
'type': 'Retail'},
{'name': 'IKEA Suppliers', 'type': 'Supplier'},
{'name': 'IKEA Business Partners',
'type': 'Business Partner'}],
'attack_vector': 'Email',
'description': 'IKEA is fending off an alleged reply-chain phishing attempt '
'that targets internal mailboxes and sends emails from other '
'compromised IKEA groups and business partners.',
'impact': {'systems_affected': ['Internal mailboxes']},
'initial_access_broker': {'entry_point': 'Email'},
'references': [{'source': 'BleepingComputer'}],
'response': {'communication_strategy': ['Report suspicious emails to IKEA'],
'containment_measures': ['Employees asked not to open suspicious '
'links']},
'title': 'IKEA Reply-Chain Phishing Attack',
'type': 'Phishing'}