Victoria’s Secret website down as security incident strikes.
Hot on the heels, no pun intended, of ransomware attacks against retailers in the U.K. such as Marks and Spencer and the Co-Op, as well as a security incident at Harrods, comes news that the lingerie superstar that is Victoria’s Secret has also suffered a security incident that has left the online site offline. Here’s what we know so far.
Victoria’s Secret Website Down Due To A Security Incident
The online underwear shopping presence of Victoria’s Secret has been missing in action for a number of days now. Although it is too early to confirm, this type of web disappearance is often associated with a ransomware attack against the retailer in question.
Visitors to the Victoria’s Secret site are currently met with the following statement:
“Valued customer, we identified and are taking steps to address a security incident. We have taken down our website and some in store services as a precaution. Our team is working around the clock to fully restore operations. We appreciate your patience during this process. In the meantime, our Victoria’s Secret and PINK stores remain open and we look forward to serving you.”
Calling it a significant cybersecurity incident, Jamie Akhtar, CEO at CyberSmart, said enacting protocols to take services offline and engaging third-party cybersecurity experts is indicative of the nature of the attack, and customers should be proactive.
“If you have an online account with Victoria’s Secret,” Akhtar warned, “it’s advisable to monitor your account activity closely for any unusual transactions.” Although it is unclear if this is a ransomware attack or some other kind of incident, Akhtar also advised customers to think about changing their passwords, especially if shared with other sites and services.
“Furthermore,” Akhtar concluded, “cybercriminals often exploit news of data breaches to craft convincing fraudulent communications, verify the authenticity of emails or messages claiming to be from Victoria’s Secret, particularly those requesting personal information or prompting you to click on unfamiliar links.”
I reached out to Victoria’s Secret to inquire about any additional information regarding the security incident at this time, specifically whether a ransomware attack could be confirmed or denied. However, a spokesperson would only provide me with the same statement that appears on the website.
