Victoria’s Secret’s website outage stretched into its fifth day on Thursday, as customers, cybersecurity experts, and investors awaited clarity following a disruptive cyberattack that has left the lingerie brand’s digital operations at a standstill.
The company confirmed on Sunday that it had taken its website offline in response to a “security incident.” Since then, little new information has emerged, and both Victoria’s Secret and PINK online platforms remain unavailable.
No Updates from Victoria’s Secret
As of Thursday afternoon, the company had not issued a fresh statement. Its social media channels remain silent on the matter, and frustrated customers continue flooding previous posts with demands for transparency.
Digital sales, which generated $2 billion for Victoria’s Secret & Co. (VSCO) in 2024, remain fully suspended. While brick-and-mortar stores continue to operate, the outage has disrupted some in-store digital services — including returns and online order lookups.
Expert: Retail Cyberattacks Are Escalating
Julius Cerniauskas, CEO of web intelligence firm Oxylabs, called the incident “the latest in a growing wave of cyber attacks targeting major retailers.”
“It’s clear that cybercriminals are deliberately going after companies that hold large volumes of customer data and rely heavily on digital infrastructure,” Cerniauskas said in a statement. “Retailers are attractive targets because they often operate across complex, interconnected systems — from e-commerce platforms and in-store payment systems to supply chains and third-party vendors. Any weak link can be exploited.”
He warned that ransomware poses a growing danger because cybercriminals can shut down entire operations until victims pay a ransom.
“For customers, this is a reminder to stay proactive,” he added. “Change your passwords, enable two-factor authentication, and monitor your accounts closely — even if no notification has been issued yet.”
No Word Yet on Ransomware or Data Breach
Victoria’s Secret has not confirmed if ransomware played a role or if the attack compromised customer information. The company also hasn’t disclosed whether law enforcement is involved in the investigation.
Cybersecurity analysts say the nature and timing of the attack — which began over Memorial Day weekend — mirrors tactics used by sophisticated cyber gangs that target holidays due to reduced IT staffing.
Timing Raises Eyebrows Amid Corporate Drama
The breach comes at a delicate time for Victoria’s Secret, which just days earlier adopted a “poison pill” strategy to fend off a potential hostile takeover by Australian firm BBRC International. BBRC, which owns 13% of the company’s stock, has been aggressively expanding its retail footprint globally.
Retail Industry Faces Rising Threats
Victoria’s Secret is the latest in a string of high-profile retail cyber incidents. Marks & Spencer recently disclosed a $404 million loss tied to a similar breach, and Harrods has also reported a compromise of its systems.
With attacks on the rise, Cerniauskas said the industry must shift its mindset.
“Retailers need to treat cyber security as a board-level issue,” he said. “This isn’t just about IT anymore — it’s about trust, reputation, and business continuity.”
This content is brought to you by the FingerLakes1.com Team. Support our mission by visiting www.patreon.com/fl1 or learn how you send us your local content here.
