Victoria’s Secret fell victim to a sophisticated cyberattack on May 24, 2025, forcing the lingerie retailer to shut down corporate systems, in-store services, and its U.S. retail website for several days during the critical Memorial Day weekend shopping period.
Sophisticated cyberattack forces Victoria’s Secret to shut down systems and website during Memorial Day weekend shopping period.
The timing of the attack, strategically planned during a major holiday weekend, was designed to maximize operational disruption while slowing the company’s immediate response capabilities.
The suspected ransomware attack, attributed to the Scattered Spider threat group, rendered the e-commerce platform inaccessible until May 29, severely impacting digital sales channels.
Corporate functions, inventory management systems, and customer support operations experienced complete paralysis as the company implemented precautionary shutdowns to prevent further system compromise.
The incident also forced Victoria’s Secret to delay its quarterly earnings release, as employees could not access crucial financial systems required for report preparation.
Recovery efforts commenced immediately, with external cybersecurity experts hired to assist with forensic investigation and system restoration.
Industry analysts estimate the breach could cost Victoria’s Secret up to 4.35 million dollars in remediation and lost revenue based on current cybersecurity incident averages.
All critical systems affected by the breach were fully operational by June 13, 2025, though in-store operations and online platforms were gradually restored within the first week following the initial attack.
The company’s progressive relaunch strategy aimed to prevent additional security vulnerabilities during the remediation process.
The cyberattack formed part of a broader campaign targeting major U.S. and U.K. retailers, including Harrods, Marks & Spencer, and Co-op.
Recent breaches have also affected luxury brands such as Cartier, Dior, and Adidas, highlighting escalating risks within the fashion retail sector.
The DragonForce ransomware gang has been linked to similar attacks targeting retail companies since April 2025, with previous incidents resulting in substantial financial losses.
Preliminary investigations suggest potential compromise of customer data, employee records, vendor information, and internal company files.
Victoria’s Secret has engaged audit committees and forensic teams to assess the full extent of accessed or stolen information, though no public confirmation regarding sensitive customer data theft has been released as of mid-June 2025.
The company filed an SEC disclosure acknowledging the cyber incident as part of its regulatory compliance obligations. The company has extended return policy windows and offered additional coupon promotions to mitigate customer inconvenience while providing regular updates through official website communications and social media channels. The incident highlights the critical need for automated updating systems and frequent vulnerability assessments to prevent future attacks.
