Victoria’s Secret, the renowned lingerie company, has recently found itself at the center of attention due to a serious security issue. The company announced that it has taken down its U.S. website and temporarily halted some in-store services following what is being termed a “security incident.” This unfortunate turn of events has led to the normal website being replaced by a notice informing customers of the situation, emphasizing that the company is diligently working to restore full operations as swiftly as possible.
As of now, while the online shopping experience has been disrupted, brick-and-mortar stores—including those of its sister brand, PINK—remain operational. In a move to reassure customers, Victoria’s Secret confirmed that its UK website remains unaffected by the incident. This is a relief for many customers, considering the ongoing issues affecting various other retailers. The company, headquartered in Ohio, operates approximately 1,350 stores across 70 countries worldwide.
In a detailed statement about the incident, Victoria’s Secret elaborated on the steps it has taken since discovering the breach. “We immediately enacted our response protocols, engaged third-party experts, and took down our website and some in-store services as a precaution,” the statement indicated. However, further specifics regarding the nature or timing of this security breach were not disclosed, leaving many questions unanswered and creating uncertainty among customers and stakeholders.
The company’s share price has reportedly taken a hit, dropping by around 7% on the same day it first communicated details regarding the incident to the media. Social media platforms have seen customers expressing their frustration, particularly regarding the lack of access to their order information. One customer took to X (formerly Twitter), pleading for a resolution: “How can I check my order status when your page has been down for 2 days?!? And no one answers the phone either!”
Adding to the gravity of the situation, the timing of this breach coincides with a troubling trend where numerous major retailers in the UK have recently been victims of cyberattacks. For instance, Marks & Spencer (M&S) has revealed that it expects the financial repercussions of a hack to reach around £300 million, with operational disruptions anticipated to last until July. Similarly, the Co-op experienced severe delivery issues and empty store shelves after suffering a cyber breach.
In these recent attacks, customer data has been compromised, and cybercriminals have asserted that they used ransomware to carry out their schemes. This method involves encrypting a company’s IT systems and extorting a ransom in exchange for restoring access. The crime gang known as Scattered Spider, which is believed to include some young individuals, has been identified as a potential suspect in these attacks.
In light of these risks, cybersecurity experts, including Vonny Gamot from McAfee, are advising affected customers to take immediate precautionary measures. “Change your passwords and enable two-factor authentication on any accounts that support it,” Gamot recommended. Furthermore, she urged individuals not to wait for a notification from the impacted brand or retailer. “Even if you haven’t received notification from the brand or retailer which has been impacted, assume your information may have been compromised if you’ve been a customer,” she stated.
This situation surrounding Victoria’s Secret is not just an isolated incident but part of a wider trend of increasing cyber threats faced by retailers worldwide. As the company works to resolve these challenges, it emphasizes the importance of security protocols and customer communication, particularly as it strives to regain the trust of its loyal customer base amidst these troubling circumstances. The resolution of this incident will undoubtedly play a significant role in shaping the future relationship between Victoria’s Secret and its customers.