Victoria’s Secret Cyber Incident: A Comprehensive Update

Date:

Global lingerie retailer Victoria’s Secret has temporarily shut down its website and suspended select in-store services following a security incident detected over the Memorial Day weekend. The company swiftly enacted its response protocols and engaged third-party cybersecurity experts to investigate and remediate the breach.

*Incident Details*

– The website disruption began as early as Monday, May 26, during a Memorial Day sale promotion, with users encountering a black screen message stating, “We have identified and are taking steps to address a security incident.”

– Victoria’s Secret stores remain open, but some in-store digital services are affected. Customer care operations and certain distribution center functions have been halted.

– The company has extended its U.S. return window for an additional 30 days and allowed customers to redeem expired direct mail coupons through Sunday.

*Potential Impact and Speculation*

– Shares fell approximately 7-10% following disclosure of the breach, representing significant investor concern given digital sales accounted for $2 billion in revenue in 2024.

– Security experts note the operational disruption pattern suggests a sophisticated multi-stage attack, potentially involving ransomware deployment or data exfiltration.

– The incident’s timing aligns with known cybercriminal tactics of targeting organizations during public holidays when IT departments are short-staffed.

IMG 8431 - C J Global Newspaper

*Possible Culprits and Recent Trends*

– The Scattered Spider 

cybercriminal collective, known for targeting retailers, may be involved. This group has been linked to recent breaches affecting UK retailers Marks & Spencer, Co-op, and Harrods, and has reportedly pivoted to targeting US retail chains.

– Google’s Threat Intelligence Group warned that Scattered Spider has demonstrated proficiency with DragonForce ransomware deployment and credential dumping techniques.

*Next Steps*

– Victoria’s Secret is working to quickly and securely restore operations, but the company has not disclosed when services will be fully restored.

– The incident highlights the critical vulnerability of retail organizations heavily dependent on e-commerce platforms and the evolving sophistication of cybercriminal operations targeting consumer-facing businesses.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Share post:

Popular

More like this
Related

Israeli Airstrikes on Gaza Kill 81 Palestinians

The Israel-Gaza conflict has witnessed a significant escalation with...

Global Drug Crisis Intensifies: UN Warns of Rising Threat

The United Nations Office on Drugs and Crime (UNODC)...

Your horoscopes for June 29, 2025:

Horoscope for June 29, 2025 Aries (March 21 - April...

China Flight Makes Emergency Landing After Burning Smell Reported

A domestic flight in China was forced to make...