đź“… Timeline of Events
- May 24, 2025: The company detected a “security incident” affecting its IT systems.
- May 26–29, 2025: As a precaution, they shut down the corporate systems and the U.S. e‑commerce site; the site remained offline for several days, disrupting in-store services at Victoria’s Secret and PINK locations.
🔧 Company Response
- Activated emergency protocols immediately, engaged third-party cybersecurity experts, and contained unauthorised access.
- Most corporate and in-store systems have now been restored; the e‑commerce website returned on May 29.
đź’° Impact on Q1 Earnings
- The breach did not affect the first-quarter results, as the quarter ended May 3, before the breach.
- Preliminary Q1 figures:
- Net sales: $1.35 billion (above the $1.30–1.33 b guidance)
- Adjusted operating income: $32 million (exceeding the $10–30 million range)
đź•’ Why Earnings Were Delayed
The recovery process prevented employees from accessing essential systems and data required for earnings finalisation, leading to the postponement of the originally scheduled June 5 earnings announcement.
🧾 Financial Ramifications
- Although Q1 performance is strong, the company acknowledged potential extra costs related to the incident, which may impact Q2 results.
- Some analysts called the downtime “a significant problem” during Memorial Day weekend, one of the highest-volume retail periods.
- Despite the disruption, shares rose ~2% in early trading, as preliminary results exceeded expectations.
🔍 Broader Context
- The attack echoes broader trends: Scattered Spider and other threat actors have recently targeted UK retail giants like Harrods, Marks & Spencer, Co‑op, Adidas, North Face, Cartier, and Dior.
- The suspected use of ransomware or social-engineering methods (help desk takeovers) has been noted in similar incidents.
June 8, 2025
By Jaeson Sha