BBW
Company Details
Linkedin ID:
bath-and-body-works
Website:
Employees number:
33,374
Number of followers:
579,652
NAICS:
43
Industry Type:
Homepage:
bbwinc.com
IP Addresses:
0
Company ID:
BAT_1038094
Scan Status:
In-progress
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Bath & Body Works Vendor Cyber Rating & Cyber Score
bbwinc.comWe were founded on a simple idea: to make the world a brighter, happier place through the power of fragrance. As we've grown, so has our purpose and today, we help the world live more fully through the power of fragrance. We’re a team that cares about our customers and believes in giving them a reason to celebrate with fragrance every day. We are committed to creating a welcoming culture that is focused on delivering exceptional fragrances and experiences. We work hard to improve our communities and our planet in a way that will make us proud for years to come ... because we believe the world is a better place when everyone has access to the things that make them happy. Home of America’s Favorite Fragrances®, Bath & Body Works is a global leader in personal care and home fragrance, including the top-selling collections for fine fragrance mist, body lotion and body cream, 3-wick candles, home fragrance diffusers and liquid hand soap. Powered by agility and innovation, the company’s predominantly U.S.-based supply chain enables the company to deliver quality, on-trend luxuries at affordable prices. Bath & Body Works serves and delights customers however and wherever they want to shop, from welcoming, in-store experiences at more than 1,800 company-operated Bath & Body Works locations in the U.S. and Canada and more than 425 international franchised locations to an online storefront at www.BathandBodyWorks.com.
Bath & Body Works A.I CyberSecurity Scoring
BBW Risk Score (AI oriented)Between 750 and 799
BBW
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
BBW Global Score (TPRM)XXXX
BBW
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
BBW Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Bath & Body Works Direct, Inc.
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The California Office of the Attorney General reported that Bath & Body Works Direct, Inc. experienced a data breach occurring between June 20, 2021, and June 25, 2021. The breach involved unauthorized access to personal information in customer loyalty accounts, but the specific number of affected individuals is unknown.
BBW Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for BBW
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Bath & Body Works in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Bath & Body Works in 2026.
Incident Types BBW vs Retail Industry Avg (This Year)
No incidents recorded for Bath & Body Works in 2026.
Incident History — BBW (X = Date, Y = Severity)
BBW cyber incidents detection timeline including parent company and subsidiaries
BBW Company Subsidiaries
We were founded on a simple idea: to make the world a brighter, happier place through the power of fragrance. As we've grown, so has our purpose and today, we help the world live more fully through the power of fragrance. We’re a team that cares about our customers and believes in giving them a reason to celebrate with fragrance every day. We are committed to creating a welcoming culture that is focused on delivering exceptional fragrances and experiences. We work hard to improve our communities and our planet in a way that will make us proud for years to come ... because we believe the world is a better place when everyone has access to the things that make them happy. Home of America’s Favorite Fragrances®, Bath & Body Works is a global leader in personal care and home fragrance, including the top-selling collections for fine fragrance mist, body lotion and body cream, 3-wick candles, home fragrance diffusers and liquid hand soap. Powered by agility and innovation, the company’s predominantly U.S.-based supply chain enables the company to deliver quality, on-trend luxuries at affordable prices. Bath & Body Works serves and delights customers however and wherever they want to shop, from welcoming, in-store experiences at more than 1,800 company-operated Bath & Body Works locations in the U.S. and Canada and more than 425 international franchised locations to an online storefront at www.BathandBodyWorks.com.
Loading...
BBW Similar Companies
JYSK
JYSK is an international home furnishing retailer with Scandinavian roots that makes it easy to furnish every room in any home and garden. JYSK delivers a great Scandinavian offer for everyone within sleeping and living. We are a global retail chain of stores and web shops, and part of the family-
Spencer's
We are a lifestyle retail company with two unique brands located throughout the U.S., Canada, and online. Our Home Office is located just minutes from the beach in Egg Harbor Township, NJ. At Spencer's and Spirit Halloween, we do the right thing always - integrity, fairness, respect, and transparen
RGIS
Since 1958, we’ve been pushing the envelope for accurate and reliable inventories and quality retail merchandising services. Our trusted results allowed us to expand across the globe as well as leverage our expertise to service other industries. With nation-wide coverage and thousands of employees
Target is one of the world’s most recognized brands — and one of America’s leading retailers — known for bringing joy to everyday life. We create meaningful experiences for our guests by combining value, inspiration and innovation in ways no one else can. Beyond our stores and digital experiences, w
Dollar Tree remains committed to our original mission: giving our customers extreme value at low prices. Employing more than 150,000 associates across a network of 9,000 stores and 18 distribution centers in North America, we’re fulfilling that mission more now than ever before. We see an exciting
Rumah
Fundada em Junho de 2015, a Rumah é uma loja online especializada em artigos de decoração e itens para a casa, entregando seus produtos para o Brasil inteiro. Com um portfólio grande e variado, a Rumah proporciona diversas opções para seus clientes em várias categorias. Das influências clássicas, m
Cencosud S.A. is a Chilean based multi-format retailer with operations in Argentina, Brazil, Chile, Colombia, Peru and a commercial office in China. Through its supermarket, home improvement, department stores, shopping centers and financial services divisions, the Company targets a wide range o
Wakefern Food Corp.
About Wakefern Food Corp. What began in 1946 as a small, local cooperative formed by eight visionary grocery store owners has grown into Wakefern Food Corp., the largest retailer-owned cooperative in the United States. Headquartered in New Jersey, Wakefern today is a vibrant network of member famil
Coop
Coop has been an integral part of Switzerland for over 150 years and acts with a sense of responsibility for its people, its regions and its ecosystems. As a retailer, wholesaler and producer, we deliver quality and are proud of our numerous brands and products. The diversity of our teams and tasks
.png)
BBW CyberSecurity News
Loading...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
BBW CyberSecurity History Information
Official Website of Bath & Body Works
The official website of Bath & Body Works is https://www.bbwinc.com/about-us.
Bath & Body Works’s AI-Generated Cybersecurity Score
According to Rankiteo, Bath & Body Works’s AI-generated cybersecurity score is 750, reflecting their Fair security posture.
How many security badges does Bath & Body Works’ have ?
According to Rankiteo, Bath & Body Works currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Bath & Body Works been affected by any supply chain cyber incidents ?
According to Rankiteo, Bath & Body Works has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Bath & Body Works have SOC 2 Type 1 certification ?
According to Rankiteo, Bath & Body Works is not certified under SOC 2 Type 1.
Does Bath & Body Works have SOC 2 Type 2 certification ?
According to Rankiteo, Bath & Body Works does not hold a SOC 2 Type 2 certification.
Does Bath & Body Works comply with GDPR ?
According to Rankiteo, Bath & Body Works is not listed as GDPR compliant.
Does Bath & Body Works have PCI DSS certification ?
According to Rankiteo, Bath & Body Works does not currently maintain PCI DSS compliance.
Does Bath & Body Works comply with HIPAA ?
According to Rankiteo, Bath & Body Works is not compliant with HIPAA regulations.
Does Bath & Body Works have ISO 27001 certification ?
According to Rankiteo,Bath & Body Works is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Bath & Body Works
Bath & Body Works operates primarily in the Retail industry.
Number of Employees at Bath & Body Works
Bath & Body Works employs approximately 33,374 people worldwide.
Subsidiaries Owned by Bath & Body Works
Bath & Body Works presently has no subsidiaries across any sectors.
Bath & Body Works’s LinkedIn Followers
Bath & Body Works’s official LinkedIn profile has approximately 579,652 followers.
NAICS Classification of Bath & Body Works
Bath & Body Works is classified under the NAICS code 43, which corresponds to Retail Trade.
Bath & Body Works’s Presence on Crunchbase
No, Bath & Body Works does not have a profile on Crunchbase.
Bath & Body Works’s Presence on LinkedIn
Yes, Bath & Body Works maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/bath-and-body-works.
Cybersecurity Incidents Involving Bath & Body Works
As of April 02, 2026, Rankiteo reports that Bath & Body Works has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Bath & Body Works has an estimated 15,730 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Bath & Body Works ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
Incident Details
Can you provide details on each incident ?
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach BAT545072925
Data Compromised: Personal information in customer loyalty accounts
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal information.
Which entities were affected by each incident ?
Incident : Data Breach BAT545072925
Entity Name: Bath & Body Works Direct, Inc.
Entity Type: Retail
Industry: Retail
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach BAT545072925
Type of Data Compromised: Personal information
References
Where can I find more information about each incident ?
Incident : Data Breach BAT545072925
Source: California Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Office of the Attorney General.
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Personal information in customer loyalty accounts.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Personal information in customer loyalty accounts.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident is California Office of the Attorney General.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=bath-and-body-works' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
