Victoria’s Secret has suspended all online orders due to a suspected cyberattack, though its brick-and-mortar stores remain operational. Despite a spokesperson reportedly confirming that third-party cybersecurity experts have been retained to address the issue, the lingerie company declined to provide details on the attack’s nature or the expected resolution timeline. The identity of the attackers is not yet known. This disruption follows a recent warning from Google that a cybercriminal group responsible for significant disruptions to British retailers had begun targeting major American brands. According to a report by NBC News, Victoria's Secret ’s website has been replaced with a generic message and no links since last week.
The message reads: “Valued customer, we identified and are taking steps to address a security incident. We have taken down our website and some in store services as a precaution. Our team is working around the clock to fully restore operations. We appreciate your patience during this process.”
What Google warned about cyberattackers targeting America brands
In April, a cyberattack campaign targeting British retailers began and followed a consistent method. According to Google, a loosely affiliated group of predominantly young, English-speaking men, known in cybersecurity circles as Scattered Spider, deceived employees at these companies into revealing credentials for sensitive systems.
Scattered Spider then reportedly passed that access to a criminal organization calling itself DragonForce, which extorts victims by threatening to release stolen data.
This year, three British retailers confirmed they were hit by cyberattacks: Marks & Spencer suspended online orders for several weeks; the Co-op Group suffered a major customer data breach; and Harrods experienced only brief service interruptions.
These attacks seem similar to the incidents that took place in 2023 against two major Las Vegas casino operators, in which MGM Resorts endured widespread outages, which ranged from hotel keycard failures to casino floor closures, after Scattered Spider allegedly granted access to a Russian-speaking criminal syndicate.
The message reads: “Valued customer, we identified and are taking steps to address a security incident. We have taken down our website and some in store services as a precaution. Our team is working around the clock to fully restore operations. We appreciate your patience during this process.”
What Google warned about cyberattackers targeting America brands
In April, a cyberattack campaign targeting British retailers began and followed a consistent method. According to Google, a loosely affiliated group of predominantly young, English-speaking men, known in cybersecurity circles as Scattered Spider, deceived employees at these companies into revealing credentials for sensitive systems.
Scattered Spider then reportedly passed that access to a criminal organization calling itself DragonForce, which extorts victims by threatening to release stolen data.
This year, three British retailers confirmed they were hit by cyberattacks: Marks & Spencer suspended online orders for several weeks; the Co-op Group suffered a major customer data breach; and Harrods experienced only brief service interruptions.
These attacks seem similar to the incidents that took place in 2023 against two major Las Vegas casino operators, in which MGM Resorts endured widespread outages, which ranged from hotel keycard failures to casino floor closures, after Scattered Spider allegedly granted access to a Russian-speaking criminal syndicate.
You may also like
Quad ministers set to meet soon, clear decks for summit India will host
Florian Wirtz drops huge Liverpool hint in angry response to transfer claims
RCB break the trophy jinx after 18 years, check the massive prize money they receive
Boy diagnosed with two cancers before age 3 after parents spotted unusual sign
Rape victim's death: Bihar govt suspends hospital officials
