Victoria’s Secret Recovers from Cyberattack, Restores Core Systems
Lingerie and fashion giant Victoria’s Secret has confirmed the restoration of all critical systems impacted by a May 24 cyberattack, which temporarily shut down internal networks, in-store services, and its e-commerce platform.
In a filing with the U.S. Securities and Exchange Commission (SEC) on Thursday, the company said it has successfully contained and eradicated the unauthorized access with the help of external cybersecurity experts. It is continuing to assess the full scope of the breach but emphasized that no material disruption to operations has occurred to date.
“We immediately enacted our response protocols to contain and eradicate unauthorized network access… All critical systems are restored and fully operational,” the company stated.
Despite the breach, Victoria’s Secret maintains confidence in its fiscal forecast. The company reported $1.353 billion in Q1 net sales and projects up to $6.3 billion for the full year. While incident-related expenses may still accrue, the company does not expect the attack to materially impact FY2025 results.
Attack Impact: Delayed Earnings Release and Temporary Shutdowns
The cyberattack forced a precautionary shutdown of corporate infrastructure on May 26, which affected both internal systems and customer-facing services. As a result, Q1 earnings results—originally scheduled for early June—were postponed.
In a June 3 press release, the company acknowledged that the restoration process had made it impossible for staff to access key systems needed to finalize the earnings report.
No ransomware group has taken credit for the intrusion, and Victoria’s Secret has not disclosed the exact nature of the attack. The ongoing investigation continues with involvement from third-party specialists.
Strengthening Business Continuity Through Immutable Backups
As high-revenue retail enterprises like Victoria’s Secret face escalating cyber threats, it’s clear that operational continuity hinges on more than just response protocols. Delayed earnings releases and service outages—even when core systems are restored quickly—can have lasting reputational and financial consequences.
Organizations are now investing in air-gapped and immutable backup infrastructures that ensure recovery even when traditional systems are compromised. These solutions are engineered to resist ransomware, insider sabotage, and wiper malware, making them indispensable in today’s threat landscape.
Enterprise-Grade Resilience: The Backup Strategy You Need
If you’re looking to strengthen your defenses, check out this enterprise-grade option built specifically for ransomware resilience:
StoneFly DR365 for Veeam—a fully air-gapped, immutable backup and recovery appliance trusted by large organizations to ensure operational continuity even during sophisticated cyberattacks.
