Victoria’s Secret has taken its website offline following a suspected cyberattack, becoming the latest American brand entangled in a wave of cybersecurity threats. Linked to a group previously targeting British retailers and Las Vegas casinos, the breach underscores the growing global risk to retail giants.
Retail Giant Victoria’s Secret Hit by Cyberattack, Shuts Down Online Operations
Victoria’s Secret has suspended all online orders in response to a suspected cyberattack, as confirmed by the company last week. While its physical stores remain unaffected and continue to operate as usual, the brand’s official website now displays a placeholder message informing customers of a security incident and that “some in-store services” have also been suspended as a precaution.
The company has not disclosed the nature or extent of the breach but confirmed that third-party cybersecurity firms have been hired to investigate and restore operations. “We identified and are taking steps to address a security incident. Our team is working around the clock to fully restore operations,” read the public-facing message on the company’s site. The timeline for a full resolution remains unclear.
This disruption comes on the heels of a recent warning from Google, alerting companies about an emerging threat from a cybercriminal group responsible for significant disruptions to British retailers. Reports indicate that the same group has pivoted toward targeting American brands, with Victoria’s Secret potentially being one of the first high-profile victims in this new wave.
The perpetrators are believed to be linked to a loosely organized group known as Scattered Spider. Cybersecurity experts describe the group as mostly composed of young, English-speaking individuals adept at social engineering—deceiving employees into giving up login credentials. The compromised access is then reportedly sold or passed to more sophisticated cybercriminal networks.
The Scattered Spider group has previously wreaked havoc across the UK retail sector. In recent months, British giants such as Marks & Spencer, the Co-op Group, and Harrods confirmed breaches, ranging from data leaks to suspended e-commerce operations.
ALSO READ: FCRF Launches Campus Ambassador Program to Empower India’s Next-Gen Cyber Defenders
In one case, Marks & Spencer halted online orders for several weeks. The Co-op Group suffered a major data breach affecting customer information, and Harrods experienced brief but concerning service interruptions.
These operations echo earlier incidents from 2023, when Scattered Spider allegedly provided access to a Russian-speaking cybercrime syndicate that crippled MGM Resorts in Las Vegas. The attack led to widespread outages, including casino floor closures and system failures affecting hotel check-ins.
Investigations suggest that access gained by Scattered Spider is often sold to a more dangerous network known as DragonForce, a criminal entity notorious for extorting companies by threatening to leak stolen data. This collaborative structure allows for a streamlined process: one group gains access, another exploits it.
Though Victoria’s Secret has not confirmed whether Scattered Spider or DragonForce are behind the current disruption, cybersecurity experts say the patterns are “strikingly familiar.” The involvement of multiple actors across geographies underscores the evolving complexity of cyber threats in the retail industry.
About the author – Prakriti Jha is a student at National Forensic Sciences University, Gandhinagar, currently pursuing B.Sc. LL.B (Hons.) with a keen interest in the intersection of law and data science. She is passionate about exploring how legal frameworks adapt to the evolving challenges of technology and justice.