• Home
  • cyber
  • Cartier, Marks & Spencer and Victoria’s Secret: UPDATE: May Cyber Attack Expected to Cost Victoria’s Secret $20 Million
cyber Breach

Cartier, Marks & Spencer and Victoria’s Secret: UPDATE: May Cyber Attack Expected to Cost Victoria’s Secret $20 Million

Jun 13, 2025 3 min read
Cartier, Marks & Spencer and Victoria’s Secret: UPDATE: May Cyber Attack Expected to Cost Victoria’s Secret $20 Million

Retail Cyberattacks Surge: Victoria’s Secret, The North Face, and Cartier Among Latest Victims

A wave of cyberattacks has targeted major retailers in recent weeks, disrupting operations and exposing customer data. Victoria’s Secret, The North Face, and Cartier are among the latest brands to report security breaches, highlighting the growing threat to the retail sector.

Victoria’s Secret Hit by Undisclosed Cyberattack
Victoria’s Secret experienced a security incident in late May, forcing the company to shut down its website and pause some in-store services from May 26 to May 29, 2025. While stores remained open, the outage delayed the company’s fiscal Q1 earnings report, though financial results released on June 11 showed net sales of $1.35 billion, exceeding expectations. However, the breach is projected to cost the company $20 million in Q2 net sales due to service disruptions.

The North Face and Cartier Report Separate Breaches
The North Face, owned by VF Corp., disclosed a "small-scale" credential-stuffing attack in April 2025, where hackers used leaked login details from other breaches to access customer accounts. No financial data was compromised, but names and emails were exposed.

Luxury brand Cartier also confirmed a breach, revealing that an unauthorized party accessed customer data, including purchase history, shipping addresses, birth dates, and phone numbers. The company did not specify when the attack occurred.

Retail Sector Under Siege
These incidents follow a string of attacks on other retailers this month, including Marks & Spencer, Dior, Harrods, and Adidas. The Adidas breach, linked to a third-party customer service provider, underscored the risks of supply chain vulnerabilities. Cybersecurity experts warn that retailers are prime targets due to the vast amounts of sensitive customer data they handle, with 46% of retail security professionals reporting data loss from attacks in the past year.

The financial and reputational toll is significant companies face network outages, customer account compromises, and long-term trust erosion, with some losing over 10% of annual revenue after breaches. While details of the Victoria’s Secret attack remain undisclosed, the incident reflects a broader trend of coordinated or opportunistic attacks on the retail industry.

Source: https://www.retailtouchpoints.com/news/victorias-secret-latest-hit-in-growing-swath-of-retail-cyber-attacks/152087/

Victoria’s Secret & Co. cybersecurity rating report: https://www.rankiteo.com/company/victoria's-secret

Marks and Spencer cybersecurity rating report: https://www.rankiteo.com/company/marks-and-spencer

Cartier cybersecurity rating report: https://www.rankiteo.com/company/cartier

"id": "VICMARCAR1772649374",
"linkid": "victoria's-secret, marks-and-spencer, cartier",
"type": "Breach",
"date": "6/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Retail (Lingerie/Apparel)',
                        'name': 'Victoria’s Secret',
                        'type': 'Retailer'},
                       {'industry': 'Retail (Outdoor Apparel)',
                        'name': 'The North Face',
                        'type': 'Retailer'},
                       {'industry': 'Retail (Luxury Goods)',
                        'name': 'Cartier',
                        'type': 'Retailer'},
                       {'industry': 'Retail',
                        'name': 'Marks & Spencer',
                        'type': 'Retailer'},
                       {'industry': 'Retail (Luxury Goods)',
                        'name': 'Dior',
                        'type': 'Retailer'},
                       {'industry': 'Retail (Department Store)',
                        'name': 'Harrods',
                        'type': 'Retailer'},
                       {'industry': 'Retail (Sportswear)',
                        'name': 'Adidas',
                        'type': 'Retailer'}],
 'attack_vector': ['Credential Stuffing', 'Unauthorized Access'],
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High (Personally Identifiable '
                                        'Information)',
                 'type_of_data_compromised': ['Names',
                                              'Emails',
                                              'Purchase history',
                                              'Shipping addresses',
                                              'Birth dates',
                                              'Phone numbers']},
 'description': 'A wave of cyberattacks has targeted major retailers in recent '
                'weeks, disrupting operations and exposing customer data. '
                'Victoria’s Secret, The North Face, and Cartier are among the '
                'latest brands to report security breaches, highlighting the '
                'growing threat to the retail sector.',
 'impact': {'brand_reputation_impact': 'Long-term trust erosion',
            'data_compromised': 'Customer data including names, emails, '
                                'purchase history, shipping addresses, birth '
                                'dates, and phone numbers',
            'downtime': 'May 26 to May 29, 2025 (Victoria’s Secret)',
            'financial_loss': '$20 million in Q2 net sales (projected for '
                              'Victoria’s Secret)',
            'operational_impact': 'Delayed fiscal Q1 earnings report, paused '
                                  'in-store services',
            'systems_affected': ['Websites', 'In-store services']},
 'lessons_learned': 'Retailers are prime targets due to vast amounts of '
                    'sensitive customer data; supply chain vulnerabilities '
                    'pose significant risks.',
 'references': [{'source': 'Cyber Incident Description'}],
 'response': {'containment_measures': ['Shut down website',
                                       'Paused in-store services']},
 'title': 'Retail Cyberattacks Surge: Victoria’s Secret, The North Face, and '
          'Cartier Among Latest Victims',
 'type': ['Data Breach', 'Credential Stuffing', 'Cyberattack']}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.