Victoria’s Secret Shuts Down Website Amid Security Breach

Victoria's Secret Website Down

Victoria’s Secret, a global fashion retailer, has taken its website offline due to a serious cybersecurity incident. Select in-store systems have also been disabled as a precautionary step. The company operates 1,380 retail locations across 70 countries and reported annual revenue of $6.23 billion as of February 2025.

In a public statement, the retailer confirmed it is working “around the clock” to restore operations. Physical stores under both Victoria’s Secret and PINK brands remain open. A notice on its homepage says steps are being taken to address the issue and safeguard customer data.

Victoria Secrets Website Down

External Experts Brought In as Investigation Begins

While the company has yet to confirm the breach’s cause, a spokesperson told BleepingComputer that cybersecurity professionals are now involved. “We enacted response protocols and brought in third-party experts,” the company said. Recovery efforts are ongoing, but full restoration may take time. CEO Hillary Super reportedly told employees that the process will not be quick.

The company has emphasized its commitment to restoring secure service and reassured customers that operations in physical stores will continue without interruption.

Retail Sector Faces Ongoing Cyber Threats

This incident is part of a rising trend in cyberattacks targeting the global retail industry. Just two weeks earlier, Dior confirmed an intrusion that compromised customer data. Adidas also reported a breach linked to a third-party service provider, with customer data accessed by attackers.

In the UK, major brands like Harrods, Co-op, and Marks & Spencer have also been hit. Marks & Spencer now estimates financial losses could reach £300 million due to the resulting disruption. Cybercrime group DragonForce has claimed responsibility for multiple attacks, allegedly using social engineering techniques tied to the Scattered Spider threat group.

Google has recently warned that Scattered Spider is expanding its operations, now targeting major U.S. retailers with ransomware and extortion attacks.

A Wake-Up Call for Global Retailers

Retailers must act swiftly to bolster defenses. This includes real-time monitoring, third-party risk assessment, and updated response protocols. As threat actors evolve, proactive cyber hygiene and resilient systems are essential for minimizing business risk and protecting consumer trust.

Facebook
X
LinkedIn
Picture of Fredrik Bjoerklund
Fredrik Bjoerklund
Fredrik Björklund serves as the CEO of Eye World, bringing with him over two decades of experience in internet-based industries. With a strong background in Internet and Cybersecurity, Fredrik is recognized as a seasoned expert in digital risk management, online infrastructure, and the ever-evolving cybersecurity landscape. His deep understanding of the digital world positions him as a trusted voice in the industry. As part of his leadership role, Fredrik will take an active position in curating and reporting on global cybersecurity developments. He will regularly update the Eye News Section with the latest insights, emerging threats, and critical updates in the cybersecurity domain, ensuring readers are well-informed in an increasingly digital and vulnerable world.

Leave a Reply

Your email address will not be published. Required fields are marked *

© 2025 Eye World AB

Linkedin Youtube X-twitter

Products

Industries

Knowledge

About Us