DragonForce ransomware gang claims breach of Belk department store
Learn More
The DragonForce ransomware group is claiming responsibility for a cyberattack on the department store chain Belk Inc.
Belk Inc., founded in 1888 operates approximately 300 locations across 16 southeastern states. The company offers a wide range of products including apparel, footwear, home furnishings, jewelry, and beauty products.
The attack occurred between May 7-11, 2025. Belk worked with third-party cybersecurity experts to contain the breach and assess its scope. Belk isolated systems, ran a full company password reset and rebuilt servers and endpoints with additional security tools and controls. The company notified law enforcement and is cooperating with investigators.
DragonForce claims to have stolen approximately 156 gigabytes of data from Belk's systems, and listed the company to their dark web site. This probably means that ransom negotiations had failed. Exposed data includes:
- Names of customers and employees
- Social Security numbers
- Internal corporate documents and systems data
- Various personal information contained within Belk's computerized systems
The number of affected individuals has not been disclosed. Belk just noted that the breach impacted both customer and employee information.
The company sent data breach notification letters on June 5, 2025. Belk is offering affected individuals 12 months of complimentary credit monitoring and identity restoration services to help mitigate potential identity theft and financial fraud.
