Victoria’s Secret to delay earnings report due to security breach

Victoria’s Secret, a well-known lingerie brand, has decided to delay the release of its quarterly earnings due to a recent security breach that disrupted its corporate operations and caused the temporary shutdown of its U.S. shopping website. The brand first became aware of the security incident involving its IT systems on May 24 and immediately took action to address the breach. It engaged with third-party experts to contain and eliminate unauthorized network access, eventually leading to the shutdown of corporate systems and the retail website as a precaution on May 26.

This unfortunate incident bore the hallmarks of a cyberattack involving ransomware, a type of attack increasingly faced by retailers today. The disruption caused by the breach impacted various operations of Victoria’s Secret, including the in-store services at both Victoria’s Secret and Pink-branded locations. However, the company has been working diligently to restore most of these functions. Despite the progress made in restoring services, Victoria’s Secret is still in the process of fully reinstating access to its corporate systems, leading to the delay in the release of its first-quarter earnings report.

Although the company has not disclosed a new date for the earnings report release, it did share some preliminary findings. Victoria’s Secret expects to report $1.35 billion in net sales and an adjusted operating income of $32 million for the first quarter of 2025, surpassing previous guidance. Analysts predict that sales will be around $1.33 billion on average. The brand asserts that the breach did not impact its first-quarter results, as the period had ended before the disruptions. However, Victoria’s Secret remains vigilant in assessing the full extent of the incident and any potential expenses that could impact future financials.

The security incident experienced by Victoria’s Secret is not an isolated case. Amidst a rising number of cyberattacks affecting retailers, companies like Marks & Spencer, Harrods, and Co-op in the UK have also reported recent cyberattacks targeting their operations. For instance, Marks & Spencer faced challenges in processing online orders and experienced empty store shelves due to the cyberattack, with estimated costs of 300 million pounds ($400 million). Similarly, Adidas acknowledged a breach that led to the exposure of consumer data, mainly contact information, through a third-party customer service provider.

Following such cybersecurity incidents, experts emphasize the importance of consumer alertness as fraudsters may exploit the situation. It is integral for consumers to remain vigilant and wary of potential risks following a breach affecting consumer-facing brands like Victoria’s Secret. Cybersecurity threats are becoming increasingly prevalent, affecting various industries and underscoring the critical need for robust security measures to safeguard sensitive data and operations.