Victoria’s Secret website hit by cyber attack
With a third of its revenue tied to online sales, Victoria’s Secret faces growing pressure to resolve a major digital disruption.
Victoria’s Secret’s website has remained offline for three days due to a security incident the company has yet to fully explain. A spokesperson confirmed steps are being taken to address the issue, saying external experts have been called in and some in-store systems were also taken down as a precaution.
Instead of revealing specific details, the retailer has left users with only a holding message on a pink background. It has declined to comment on whether ransomware is involved, when the disruption began, or if law enforcement has been contacted.
The firm’s physical stores continue operating as normal, and payment systems are unaffected, suggesting the breach has hit other digital infrastructure. Still, the shutdown has rattled investors—shares fell nearly seven percent on Wednesday.
With online sales accounting for a third of Victoria’s Secret’s $6 billion annual revenue, the pressure to resolve the situation is high.
The timing has raised eyebrows, as cybercriminals often strike during public holidays like Memorial Day, when IT teams are short-staffed. The attack follows a worrying trend among retailers.
UK giants such as Harrods, Marks & Spencer, and the Co-op have all suffered recent breaches. Experts warn that US chains are becoming the next major targets, with threat groups like Scattered Spider shifting their focus across the Atlantic.
Would you like to learn more about AI, tech and digital diplomacy? If so, ask our Diplo chatbot!