Victoria’s Secret Suspends Website Operations Following Security Incident

Fashion retailer Victoria’s Secret has temporarily suspended its website and some in-store services in response to an ongoing security incident. The company operates around 1,380 retail locations across nearly 70 countries and reported revenues of $6.23 billion for the fiscal year ending February 1, 2025.

In a public statement, Victoria’s Secret reassured customers that its physical stores, including the PINK brand, remain open while efforts are being made to restore full functionality to its online services. CEO Hillary Super communicated to employees that “Recovery is going to take awhile,” highlighting the complexity of the situation.

The company has not yet disclosed specific details about the incident, including whether a ransomware attack occurred or if any ransom was demanded. A spokesperson for Victoria’s Secret is currently unavailable for further comments.

In a customer-facing message, the retailer stated, “We identified and are taking steps to address a security incident. We have taken down our website and some in-store services as a precaution.” They emphasized that their team is diligently working to fully restore operations and expressed appreciation for customer patience during the resolution process.

This incident comes on the heels of significant cybersecurity breaches within the fashion industry. Recently, French luxury brand Dior reported that attackers gained unauthorized access to customer data. Similarly, German sportswear brand Adidas disclosed a data breach affecting customer information due to a compromise of a third-party service provider.

These events are part of a worrying trend of cyberattacks targeting the retail sector, particularly within the United Kingdom, where companies such as Harrods and Marks & Spencer have also faced breaches. Marks & Spencer has warned of a potential profit loss of up to £300 million (approximately $402 million) due to extensive sales and operational disruptions caused by a cyber incident.

While it remains unclear if a connection exists among these recent attacks, the DragonForce ransomware operation has claimed responsibility for multiple incidents against retailers. Reports suggest that social engineering tactics, typically associated with the Scattered Spider threat group, have been utilized in these attacks.

Adding to the complexity, Google has recently alerted the community that the Scattered Spider group is now focusing its efforts on retail chains in the United States, engaging in ransomware and extortion activities.