Victoria’s Secret Gets Hacked?! 💻🚨 - Omni Talk Retail

Summary3 min read

Omni Talk Retail – Episode Summary: "Victoria’s Secret Gets Hacked?! 💻🚨"

Release Date: June 6, 2025

In this insightful episode of Omni Talk Retail, hosts Anne Mezzenga and Chris Walton dissect the recent cybersecurity incident involving Victoria’s Secret. They explore the broader implications for the retail industry, emphasizing the urgent need for enhanced cybersecurity measures amidst evolving digital threats.

1. Introduction to the Victoria’s Secret Security Breach

The episode kicks off with Anne Mezzenga introducing the headline news:

“Victoria's Secret shut down its website in response to a security incident last week. According to CNET, on Wednesday, the clothing and lingerie company replaced its regular US Retail site with a note to customers saying that it was aware of and dealing with the incident, adding that its website and some services were temporarily shut down as a ‘precaution.’” [00:00]

Anne highlights that while the online platform was affected, Victoria’s Secret assured customers that their brick-and-mortar stores remained operational.

2. The Wake-Up Call for American Retailers

Chris Walton responds emphatically to the incident's significance:

“Oh my God, 100%, yes.” [00:49]

He references a conversation with Michael Prendergast, noting that only about 20% of US retailers are adequately prepared for cybercrimes. Chris underscores the increasing frequency of such incidents, attributing it to advancements in AI and the proliferation of bots.

“We are only going to see more of these incidents… because the rise of AI, retailers and brands... are going to see more and more bots scraping their sites each and every day.” [01:50]

3. The Escalating Threat of AI in Cybersecurity

Delving deeper, Chris explains how agentic AI is transforming the cybersecurity landscape:

“Cyber criminals are smart and they know how to capitalize on recent trends better and faster than anyone.” [02:15]

He elaborates on the challenges retailers face in distinguishing between legitimate traffic and malicious bots, which increasingly bypass traditional security systems. This surge in sophisticated threats necessitates a proactive approach to cybersecurity.

4. Strategic Budgeting for Enhanced Cybersecurity

Chris advises retail executives and CFOs to prioritize cybersecurity in their budgets:

“If you're an executive who's deciding budgets... I would probably be leaning into this a little bit more, at least conversationally, in the boardrooms.” [02:50]

He emphasizes that allocating sufficient resources towards cybersecurity is no longer optional but essential for safeguarding business operations and maintaining customer trust.

5. The Hidden Costs of Cyberattacks on Customer Trust

Anne highlights the broader implications of cyberattacks beyond immediate financial losses:

“The loss to customers is so high. The cost to acquire those customers... far exceeds the cost to just get your cybersecurity house in order.” [04:00]

She references recent cyberattacks on UK retailers like Coop and Harrods, pointing out that the damage to customer trust and brand reputation can be devastating and long-lasting.

6. Impact on Customer Perception and Brand Loyalty

The discussion shifts to how security breaches affect customer behavior and brand loyalty:

“In the mind of your customer, do I want to switch?” [04:02]

Anne and Chris agree that once customers lose trust in a brand's ability to protect their data, it becomes significantly harder and more costly to regain their loyalty. This is particularly detrimental for legacy brands like Victoria’s Secret, where maintaining a loyal customer base is crucial.

7. Proactive Measures and Future Outlook

Concluding the discussion, Chris reiterates the necessity for retailers to stay ahead of cyber threats by adopting advanced security measures and continuously updating their strategies to counteract evolving cybercriminal tactics.

“Retailers are going to find it difficult to stop them. So I think retailers listening... need to put more into their cybersecurity considerations.” [02:50]

Anne echoes this sentiment, emphasizing that the proactive investment in cybersecurity is imperative to protect both the business and its customers from future incidents.

Final Thoughts

This episode serves as a critical reminder for retailers to prioritize cybersecurity amidst the growing digital threats exacerbated by AI advancements. Anne Mezzenga and Chris Walton provide a comprehensive analysis of the Victoria’s Secret hack, offering valuable insights and actionable advice for retail professionals striving to safeguard their businesses and maintain customer trust in an increasingly volatile digital landscape.

Loading summary

Transcript6 lines

[00:01]
A
Another topic that you'll be very familiar with. We're talking Victoria's Secret. No, you actually are. The, you actually have done a lot of work on this headline right now, so I'm excited to hear your perspective. But headline number three is Victoria's Secret shut down its website in response to a security incident last week. According to cnet, on Wednesday, the clothing and lingerie company replaced its regular US Retail site with a note to customers saying that it was aware of and dealing with the incident, adding that its website and some services were temporarily shut down as a, quote, a precaution, end quote. It did not offer details about what kind of security incident occurred, but said that its brick and mortar Victoria's Secret and Pink stores remained open. Chris, should Victoria's Secret site outage last week be a wake up call for American retailers?
[00:49]
B
Oh my God, 100%, yes. And I mean, we asked Michael Prendergast this two weeks ago when we had a M on the podcast and he, you know, he anecdotally said from his experience as interim CEO at Joann's that he would put the estimate at 20% of the US retailers that are actually prepared for cyber, you know, for cyber crimes to deal with them as they come. And that, you know, for the last, again, for like about the last month, I've been asking a lot of people about this both at this conference at Zoom Calls, I've talked with companies like Bodify and I was talking to Rochelle Thielen, the CEO of Traject Data at Shop Talk Europe. And what I've been learning is that we are only going to see more of these incidents incidences, you know, which, which makes me feel good about our show because we've been talking about this and then, I mean, I don't feel good for Victoria Sear, but I, I feel good for our show because we talked about this before it happened and then it happened and there's. We're going to see more of it because of the rise of AI, because the way with AI proliferating in the space, in the retail space, the way it is, particularly with agentic AI coming into the fold now. Yeah, retailers and brands, websites are going to see more and more bots scraping their sites each and every day. Which means when you think about it from an operations standpoint, it's going to become more and more difficult for the retailers to understand who are the good bots and who are the bad bots. But yet the overall traffic of bots to the site is going to increase exponentially. So, not surprisingly, when that happens, more of the sophisticated threats are going to get through because the security systems are having to watch more things. So the cyber criminals are smart and they know how to capitalize on recent trends better and faster than anyone. And so the retailers are going to be, it's going to be difficult for them to stop them. So I think retailers listening, if you're in this space, you probably already know this, but, you know, if you're an executive who's deciding budgets and you're a CFO trying to figure out, you know, how much do we earmark towards what? I would, I would probably be leaning into this a little bit more, at least conversationally, in the boardrooms.
[02:50]
A
Yeah, I think that was an awesome overview, Chris. And I think the last thing that I would just say, which we talked about with Michael Prendergrass, when we were talking about the teams from co op and Harrods and others that have been hit in the UK recently with cyber attacks, the loss to customers is so high. And think about even the reviews and some of the commentary that they got for this Victoria's Secret reporting. They're bad. They're bad. They're people who, once you lose those customers, you're already doing so much to get them in the door to maintain them as a customer, especially for a legacy brand like Victoria's Secret or like Joanne that Michael was talking about last week, the cost to acquire those customers, again, I have to imagine, far out, it exceeds the cost to just get your cybersecurity house in order. So I think that's the, that's the thing here that you, you. It's not just the cost of the loss of data or of time or of resources put towards getting the site back up online. It's really the cost and the impact that this has on your customer base too, that I think people need to be putting into that consideration set it.
[04:02]
B
Puts in the mind of your customer, do I want to switch?
[04:05]
A
Right.
[04:06]
B
And that's never something you want to have happen, especially after a purchase like is happening in this Victoria's Secret example, too.