Victoria's Secret shuts down website aft information breach
Victoria's Secret has taken down its U.S. website and says immoderate in-store services volition besides beryllium unavailable arsenic it addresses an unspecified "security incident."
A connection to customers remained successful spot of the fashionable lingerie brand's mean buying tract Thursday, stating that the Ohio-based institution had halted these operations "as a precaution."
"Our squad is moving astir the timepiece to afloat reconstruct operations," the connection read. "We admit your patience during this process."
Victoria's Secret did not supply galore details astir the information incident, oregon straight corroborate whether it was a cyber oregon ransomware attack.
"We identified and are taking steps to code a information incident," a Victoria's Secret spokesperson said successful a connection to CBS News. "We instantly enacted our effect protocols, third-party experts are engaged, and we took down our website and immoderate successful store services arsenic a precaution. We are moving to rapidly and securely reconstruct operations."
Victoria's Secret besides didn't specify erstwhile it archetypal identified the contented and began pulling backmost services. Most media reports of the retailer's website going acheronian emerged Wednesday - erstwhile the institution besides shared an update connected societal media - but immoderate frustrated customers online said they began experiencing issues earlier successful the week, arsenic acold backmost arsenic Monday.
An FAQ connected the firm tract for Victoria's Secret notes that the institution doesn't person an estimation for erstwhile its tract volition beryllium backmost up. Its lawsuit attraction services were besides offline arsenic of Wednesday night.
The institution added that it is trying to fulfill orders placed earlier Monday and that it would beryllium extending instrumentality windows and immoderate nonstop message coupon offers for impacted customers successful the U.S.
Victoria's Secret said its stores, arsenic good arsenic its PINK marque locations, stay unfastened for customers. But immoderate in-store services - specified arsenic returning online orders successful idiosyncratic - are unavailable per its lawsuit FAQ.
It was not instantly wide if immoderate in-store services successful Victoria's Secret locations extracurricular the U.S. were besides impacted. But the company's U.K. tract appeared uninterrupted Thursday.
Bloomberg News reported that Victoria's Secret besides stopped immoderate of its bureau operations and that immoderate employees were locked retired of their institution email accounts connected Wednesday, citing an anonymous root acquainted with the matter.
Shares for Victoria's Secret tumbled astir 4% arsenic of midday Thursday.
While not confirmed by the company, the "security incident" impacting Victoria's Secret's operations bears each the hallmarks of a cyberattack. And it arrives arsenic much and much companies study breaches that disrupt operations and/or exposure lawsuit data.
Last week, for example, Adidas announced that it had precocious go alert of an "unauthorized outer party" obtaining immoderate user information - mostly consisting of interaction accusation - done a third-party lawsuit work provider. The German footwear and covering institution said it would beryllium informing impacted customers and moving with instrumentality enforcement.
And respective British retailers - Marks & Spencer, Harrods and Co-op - person each shared that they've been targeted by cyberattacks implicit caller weeks. The cyberattack hitting M&S stopped it from processing online orders and near store shelves empty, with the institution estimating that this volition outgo it 300 cardinal pounds ($400 million).
And pursuing immoderate cybersecurity incidental impacting a consumer-facing brand, experts pass that it's important for shoppers to beryllium alert. Fraudsters mightiness committedness fake promotions done phishing emails, for example, oregon usage delicate accusation that whitethorn person been compromised.
English (US) ·