The IKEA website uses cookies, which make the site simpler to use. Find out more about browser cookies.

You have disabled your cookies which means the IKEA website will not remember you as you browse through the site. Find out how to enable your cookies for a better experience

Currently, We have problems with our price updates, so the price displayed is not reliable. Please try again later to be sure that the price is correct.

Bug Bounty Program

Security for all

IKEA highly values the trust that its customers place in it. That’s why the security of our website is so important.

If you find vulnerabilities in any of our services, we would appreciate it if you would let us know by sending us what you have found* through our Bug Bounty Program.

We’ll check what you send us, and if it’s valid and it has not already been reported, we may invite you to join a Bug Bounty program. The program lets you earn money** for your efforts.

You’ll find the terms and conditions of our responsible disclosure policy below. Together we can guarantee the security of IKEA.com

 

Terms of assessment

The terms of our responsible disclosure program forbid:

  • Accessing, downloading or modifying (or attempting to access, download or modify) third party account data.
  • Executing or attempting to execute denial-of-service attacks.
  • Publishing, transmitting, uploading, inserting links, sending or maintaining any sort of malware.
  • Performing tests that result in unauthorised or unsolicited junk mail, spam or other types of unsolicited messages.
  • Conducting tests that affect the operation of IKEA properties.
  • Testing third-party websites, services or applications that are integrated with, or linked to, IKEA properties.

*IKEA will take no legal measures against persons who discover and provide notice of security vulnerabilities in accordance with this «Responsible Disclosure Policy».

**Monetary compensation can only be obtained through our Bug Bounty program. A request for compensation (monetary or otherwise) in relation to an identified or alleged vulnerability will be considered to constitute a violation of this «Responsible Disclosure Policy».