Victoria’s Secret takes down US site following ‘security incident’
Victoria's Secret store. Credits: Victoria's Secret / Lagardere Victoria’s Secret seems to have been the next target in a growing list of fashion companies facing online attacks. The lingerie brand confirmed that it was tackling a "security incident” that led it to take down its US website and “some in store services as precaution”. While the website is now back online, in a post on Instagram the company said it had “identified and [was] taking steps to address a security incident”. Its customer care services were also paused. Victoria’s Secret did not disclose further details about the incident, nor did it confirm whether it was a cyber or ransomware attack. Both Victoria’s Secret and Pink stores had remained open throughout the period. Various media reports detailing the news also remain patchy. The New York Times reported that while the retailer’s website had shuttered on Wednesday, customers seemed to have already been experiencing issues with the platform earlier in the week. Bloomberg News, meanwhile, cited an unnamed source who suggested the brand had also halted some office operations, with some employees said to have been shut out of their company email accounts. In a Q&A on its corporate website, Victoria’s Secret said it would extend its US return window for an additional 30 days, and it was working to fulfill orders placed before May 26. While this particular occurrence has not yet been confirmed as a cyber-related incident, it has arisen as an increasing number of fashion companies have become the target of such attacks over the last few months. The string of incidents began with British retailer Marks & Spencer, which has now confirmed that certain customer data was stolen in a breach reported back in April. Adidas, Dior and Harrods are also among those recently impacted by similar incidents.
Victoria’s Secret seems to have been the next target in a growing list of fashion companies facing online attacks. The lingerie brand confirmed that it was tackling a "security incident” that led it to take down its US website and “some in store services as precaution”.
While the website is now back online, in a post on Instagram the company said it had “identified and [was] taking steps to address a security incident”. Its customer care services were also paused.
Victoria’s Secret did not disclose further details about the incident, nor did it confirm whether it was a cyber or ransomware attack. Both Victoria’s Secret and Pink stores had remained open throughout the period.
Various media reports detailing the news also remain patchy. The New York Times reported that while the retailer’s website had shuttered on Wednesday, customers seemed to have already been experiencing issues with the platform earlier in the week.
Bloomberg News, meanwhile, cited an unnamed source who suggested the brand had also halted some office operations, with some employees said to have been shut out of their company email accounts.
In a Q&A on its corporate website, Victoria’s Secret said it would extend its US return window for an additional 30 days, and it was working to fulfill orders placed before May 26.
While this particular occurrence has not yet been confirmed as a cyber-related incident, it has arisen as an increasing number of fashion companies have become the target of such attacks over the last few months.
The string of incidents began with British retailer Marks & Spencer, which has now confirmed that certain customer data was stolen in a breach reported back in April. Adidas, Dior and Harrods are also among those recently impacted by similar incidents.
