Lingerie retailer Victoria’s Secret is set to become the target of cybercriminals over Christmas as a list of its website’s vulnerabilities appears online.
According to security experts at Israeli firm CyberInt, hackers are preparing to attack the brand and its customers by offering tools to hack it on the web, The Telegraph reported.
Apps masquerading as the official Victoria’s Secret app were discovered on the dark web, which would allow hackers to take full control of any customer’s device who downloaded the fake app unwittingly.
This could potentially see customers pictures, documents, browsing habits and banking details handed to fraudsters.
Customer accounts were also found up for sale in rubles, suggesting that there had already been a security breach and that customer account details had been attained by Russian criminals.
However, CyberInt could not confirm if these accounts were real.
A list of the brand’s website’s vulnerabilities was also found by the research firm, who have advised Victoria’s Secret to warn customers to change their password and bring legal action to those creating fake apps.