Cyber Attack cyber

Victoria’s Secret & Co.

May 29, 2025 1 min read
Victoria’s Secret & Co.

Victoria’s Secret & Co. experienced a significant security incident that led to the suspension of its website and select in-store services. The breach affected the company's digital infrastructure, locking employees out of their email accounts and causing operational disruptions. The company's incident response protocols were activated, and third-party cybersecurity experts were engaged. The attack's timing coincided with Memorial Day, a known tactic of cybercriminals targeting organizations during public holidays. The incident resulted in a 7% drop in the company's shares, reflecting investor concern, especially given that digital sales accounted for $2 billion in revenue during 2024. The outage's extended duration suggests extensive system compromise or ongoing ransomware negotiations.

Source: https://cybersecuritynews.com/victorias-secret-website-went-offline/

TPRM report: https://scoringcyber.rankiteo.com/company/victorias-secret

"id": "vic1004052925",
"linkid": "victorias-secret",
"type": "Cyber Attack",
"date": "5/2025",
"severity": "100",
"impact": "",
"explanation": "Attack threatening the organization’s existence"
{'affected_entities': [{'industry': 'Fashion and Apparel',
                        'location': 'Global',
                        'name': 'Victoria’s Secret & Co.',
                        'size': '1,350 retail stores across 70 countries',
                        'type': 'Retailer'}],
 'attack_vector': ['Social Engineering',
                   'Credential Dumping',
                   'Lateral Movement',
                   'Ransomware Deployment'],
 'date_detected': '2024-05-27',
 'description': 'Victoria’s Secret & Co. has taken its website offline and '
                'suspended select in-store services following what the company '
                'describes as a “security incident” that began over the '
                'Memorial Day weekend.',
 'impact': {'downtime': 'Three days and ongoing',
            'financial_loss': '7% decline in shares',
            'operational_impact': ['Customer care operations halted',
                                   'Some distribution center functions halted'],
            'systems_affected': ['Website',
                                 'Email Accounts',
                                 'In-store Digital Services']},
 'initial_access_broker': {'entry_point': 'Social Engineering'},
 'investigation_status': 'Ongoing',
 'motivation': 'Financial Gain',
 'ransomware': {'ransomware_strain': 'DragonForce'},
 'response': {'communication_strategy': 'Informed employees about recovery '
                                        'operations',
              'containment_measures': 'Website and some in-store services '
                                      'taken down',
              'incident_response_plan_activated': 'Yes',
              'third_party_assistance': 'Yes'},
 'threat_actor': 'Scattered Spider (UNC3944, Octo Tempest, Muddled Libra)',
 'title': 'Victoria’s Secret Security Incident',
 'type': 'Cybersecurity Incident'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.