• Cyber Syrup
  • Posts
  • Victoria’s Secret Suffers Cyberattack, Joins Growing List of Targeted Retailers

Victoria’s Secret Suffers Cyberattack, Joins Growing List of Targeted Retailers

Victoria’s Secret has become the latest victim of a cybersecurity incident that disrupted its operations and forced the company to take down its official website

June 02, 2025

In partnership with

CYBER SYRUP
Delivering the sweetest insights on cybersecurity.

Quick, hard-hitting business news.

Morning Brew was built on a simple idea: business news doesn’t have to be boring.

Today, it’s the fastest-growing newsletter in the country with over 4.2 million readers—thanks to a format that makes staying informed both easy and enjoyable.

Each morning, Morning Brew delivers the day’s biggest stories—from Wall Street to Silicon Valley and beyond—in bite-sized reads packed with facts, not fluff, and just enough wit to keep things interesting.

Try the newsletter for free and see why busy professionals are ditching jargon-heavy, traditional business media for a smarter, faster way to stay in the loop.

Victoria’s Secret Suffers Cyberattack, Joins Growing List of Targeted Retailers

Victoria’s Secret, the well-known American lingerie and beauty retailer, has become the latest victim of a cybersecurity incident that disrupted its operations and forced the company to take down its official website. At the time of writing, the website remains offline.

A message currently displayed on the site reads:

“Valued customer, we identified and are taking steps to address a security incident. We have taken down our website and some in-store services as a precaution. Our team is working around the clock to fully restore operations.”

The message goes on to reassure customers that physical Victoria’s Secret and PINK stores remain open, and that the company appreciates customer patience during the investigation and recovery process.

Nature of the Incident

While details remain scarce, the nature of the disruption—specifically the decision to take systems offline—suggests the possibility of a ransomware attack or another form of severe intrusion. These types of attacks typically involve the encryption of critical systems or exfiltration of sensitive data, prompting companies to suspend services to contain the damage.

Victoria’s Secret has not yet disclosed the type of cyberattack involved or whether any customer data has been compromised. Attempts by media outlets to obtain more information from the company have so far gone unanswered.

Context: A Rising Threat to Retail

This incident follows closely on the heels of several cyberattacks in the global retail sector, indicating a troubling trend. Just this week, Adidas disclosed a separate cyber event after a third-party customer service provider was breached, resulting in the theft of customer contact information.

Earlier in May 2025, major UK retailers—including Co-op, Harrods, and Marks & Spencer (M&S)—were attacked by the DragonForce ransomware group, resulting in service outages and data theft. The attack on M&S was particularly severe, with potential financial losses estimated at over $400 million.

These incidents highlight how retailers are increasingly being targeted for their access to high volumes of sensitive consumer data and their dependence on digital infrastructure for operations and customer engagement.

U.S. Retailers Now in the Crosshairs

Analysts believe that the focus of these threat actors is shifting toward U.S.-based retailers, signaling an urgent need for increased vigilance. According to Google’s Threat Intelligence Group, the same groups responsible for attacks on UK retailers are now actively targeting companies in the United States.

“Shields up US retailers. They’re here,” warned John Hultquist, Chief Analyst at Google’s Threat Intelligence Group, in a recent post on X (formerly Twitter).

The scale and speed of these campaigns suggest that retail organizations are being systematically targeted—not just opportunistically, but as part of well-planned campaigns exploiting known weaknesses in third-party vendors, legacy systems, and customer support platforms.

Expert Insight: A Systemic Vulnerability

Ryan Sherstobitoff, Senior Vice President at SecurityScorecard, emphasized that these are not isolated events:

“Retailers have become high-value targets for cybercriminals, and recent breaches at Dior, M&S, Harrods, and Co-Op in the last month alone make it clear that this is more than just a passing trend. These attacks represent a growing pattern exposing a deeper, systematic vulnerability within the retail industry.”

These vulnerabilities often stem from:

  • Outdated or unpatched systems

  • Complex vendor ecosystems

  • Insufficient network segmentation

  • Weak cybersecurity awareness and training

Recommendations for Retailers

To defend against evolving threats, retail companies should take the following measures:

  • Harden infrastructure with regular vulnerability scanning and patching

  • Segment networks to isolate critical systems from external access

  • Implement endpoint detection and response (EDR) tools

  • Train employees on phishing, social engineering, and security hygiene

  • Conduct regular security audits and third-party risk assessments

Conclusion

The attack on Victoria’s Secret is a stark reminder of the growing threat to retailers worldwide. With consumer trust, operational uptime, and brand reputation on the line, the industry must prioritize cyber resilience and take proactive steps to reduce exposure to these increasingly aggressive threat actors.

As law enforcement and cybersecurity experts continue to investigate the recent wave of retail cyberattacks, customers are urged to stay alert, monitor their accounts for suspicious activity, and be cautious of unsolicited emails or messages claiming to be from retailers.