VSC A.I CyberSecurity Scoring
VSC
Company Information
Website:http://careers.victoriassecret.com
Employees number:29,040
Number of followers:705,186
NAICS:43
Industry Type:Retail
Homepage:victoriassecret.com
VSC Risk Score (AI oriented)
Between 600 and 649
VSCRetail
Updated:
02/04/2026
02/04/2026
640/1000
Poor
Caa
VSC Global Score (TPRM)
xxxx
VSCRetail
Score locked

VSCPoor
Current Score
640Caa (POOR)
01000
4 incidents
-17 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
653
JUNE 2026
652
MAY 2026
646
APRIL 2026
640
MARCH 2026
637
FEBRUARY 2026
636
JANUARY 2026
725
DECEMBER 2025
639
NOVEMBER 2025
638
OCTOBER 2025
636
SEPTEMBER 2025
633
AUGUST 2025
644
Cyber Attack
01 Aug 2025 • VSC
Victoria's Secret
Scattered Spider Cybercrime Collective Resurfaces with New Telegram Channel
627
CRITICAL-17
VIC209081225
In early August 2025, the cybercrime collective Scattered Spider publicly exposed screenshots of console access to Victoria's Secret systems, indicating unauthorized access and potential data exfiltration. The group, collaborating with other extortion factions like ShinyHunters and Lapsus$, shared partial customer data samples, suggesting a breach of sensitive information. The attack involved spear-phishing and exploited VPN credentials, followed by in-memory execution of malicious payloads to evade detection. The incident highlights the group's shift toward real-time data theft and extortion, posing significant risks to the company's customer data and operational security.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2025
735
Breach
13 Jun 2025 • VSC
Cartier, Marks & Spencer and Victoria’s Secret: UPDATE: May Cyber Attack Expected to Cost Victoria’s Secret $20 Million
Retail Cyberattacks Surge: Victoria’s Secret, The North Face, and Cartier Among Latest Victims
640
CRITICAL-95
VICMARCAR1772649374
Retail Cyberattacks Surge: Victoria’s Secret, The North Face, and Cartier Among Latest Victims
A wave of cyberattacks has targeted major retailers in recent weeks, disrupting operations and exposing customer data. Victoria’s Secret, The North Face, and Cartier are among the latest brands to report security breaches, highlighting the growing threat to the retail sector.
Victoria’s Secret Hit by Undisclosed Cyberattack
Victoria’s Secret experienced a security incident in late May, forcing the company to shut down its website and pause some in-store services from May 26 to May 29, 2025. While stores remained open, the outage delayed the company’s fiscal Q1 earnings report, though financial results released on June 11 showed net sales of $1.35 billion, exceeding expectations. However, the breach is projected to cost the company $20 million in Q2 net sales due to service disruptions.
The North Face and Cartier Report Separate Breaches
The North Face, owned by VF Corp., disclosed a "small-scale" credential-stuffing attack in April 2025, where hackers used leaked login details from other breaches to access customer accounts. No financial data was compromised, but names and emails were exposed.
Luxury brand Cartier also confirmed a breach, revealing that an unauthorized party accessed customer data, including purchase history, shipping addresses, birth dates, and phone numbers. The company did not specify when the attack occurred.
Retail Sector Under Siege
These incidents follow a string of attacks on other retailers this month, including Marks & Spencer, Dior, Harrods, and Adidas. The Adidas breach, linked to a third-party customer service provider, underscored the risks of supply chain vulnerabilities. Cybersecurity experts warn that retailers are prime targets due to the vast amounts of sensitive customer data they handle, with 46% of retail security professionals reporting data loss from attacks in the past year.
The financial and reputational toll is significant companies face network outages, customer account compromises, and long-term trust erosion, with some losing over 10% of annual revenue after breaches. While details of the Victoria’s Secret attack remain undisclosed, the incident reflects a broader trend of coordinated or opportunistic attacks on the retail industry.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
MAY 2025
751
Cyber Attack
26 May 2025 • VSC
Victoria’s Secret
Cyber Attacks on Victoria’s Secret, The North Face, and Cartier (May-June 2025)
733
CRITICAL-18
VIC840090225
Victoria’s Secret experienced a cyber attack in late May 2025, forcing the company to shut down its website and pause some in-store services from May 26 to May 29. The incident disrupted operations, delayed Q1 financial reporting, and resulted in an estimated $20 million loss in Q2 net sales due to service outages. While no customer data breach was explicitly confirmed in the article, the attack caused significant operational disruption, including halted online transactions, paused customer care services, and extended return/reward windows to mitigate customer impact. The company’s restoration efforts delayed financial reporting, highlighting the attack’s severity in terms of business continuity and financial repercussions. The incident aligns with a broader trend of targeted retail cyber attacks, emphasizing vulnerabilities in e-commerce and in-store systems.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
APRIL 2021
785
Breach
13 Apr 2021 • VSC
Victoria’s Secret
Victoria's Secret Data Breach
718
CRITICAL-67
VIC627072725
The breach notification was reported by Victoria's Secret on May 13, 2021, regarding unauthorized access to certain personal information in customer online accounts between April 13, 2021, and April 14, 2021. The compromised information included names, email addresses, postal addresses, birthdays (month and day), telephone numbers, and linked gift card details. The company has advised customers to change their passwords and monitor their accounts for suspicious activity.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for VSC ??
What was VSC's A.I Rankiteo Cyber Score in June 2026 ??
What was VSC's A.I Rankiteo Cyber Score in May 2026 ??
What was VSC's A.I Rankiteo Cyber Score in April 2026 ??
What was VSC's A.I Rankiteo Cyber Score in March 2026 ??
What was VSC's A.I Rankiteo Cyber Score in February 2026 ??
What was VSC's A.I Rankiteo Cyber Score in January 2026 ??
What was VSC's A.I Rankiteo Cyber Score in December 2025 ??
What was VSC's A.I Rankiteo Cyber Score in November 2025 ??
What was VSC's A.I Rankiteo Cyber Score in October 2025 ??
What was VSC's A.I Rankiteo Cyber Score in September 2025 ??
What was VSC's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on VSC's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with VSC ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view VSC's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?