Fashion retailer Victoria’s Secret recently confirmed a cyberattack on its IT network. The breach compelled the company to shut down its website and temporarily suspend some in-store services. The incident also delayed their planned Q1 financial earnings report, bringing concerns about the customer data and security to the forefront.
What’s Happening & Why This Matters
Victoria’s Secret detected the intrusion on Saturday, May 24, 2025. Two days later, it took its website offline as a precautionary step. The company replaced the site’s content with a message warning customers of a security incident and assuring them that the restoration process was ongoing. While physical stores remain open, online orders and services continue to be disrupted.

The retailer’s announcement emphasized that the breach could compromise the security of customer, associate, third-party, and company information. Although the company has not confirmed what data might have been accessed, the seriousness of the incident has forced them to delay reporting financial results. “The restoration process has prevented employees from accessing certain systems and information needed to support the company’s release of its financial results,” Victoria’s Secret said.
Victoria’s Secret engaged third-party cybersecurity experts to contain and eradicate the unauthorized access. The company is still investigating the full scope of the attack and its impact.
Experts suspect a ransomware attack given the company’s actions to take down online systems swiftly. Ransomware gangs commonly steal sensitive data before encrypting a victim’s computers. They then use stolen data as leverage to extort payments.
This incident follows a wave of cyberattacks targeting retail brands worldwide. A cybercriminal group called Scattered Spider, believed to be young, English-speaking hackers, has been implicated in multiple high-profile attacks. This group reportedly gains initial access by tricking company insiders into sharing system credentials. They then provide access to other cybercriminals, such as the Russian-speaking gang DragonForce, who monetize the breaches via extortion.

Similar attacks have targeted British retailers such as Marks & Spencer, Co-op Group, and Harrods, causing disruptions and data leaks. In the U.S., casino companies, including MGM Resorts, faced major operational outages in 2023 due to related cyberattacks, showing the widespread risk retail and hospitality brands face today.
TF Summary: What’s Next
Victoria’s Secret faces a difficult road ahead as it investigates the full impact of this cyberattack. Customers should remain vigilant for any suspicious activity related to their personal data. The retail giant must strengthen its defenses to prevent future incidents and restore customer trust.
The wider retail and hospitality sectors are also at risk. Cybercriminal groups are applying social engineering and ransomware tactics to compromise brands globally. Businesses must prioritize cybersecurity, continuous monitoring, and incident response readiness to minimize damage.
— Text-to-Speech (TTS) provided by gspeech