Ransomware gang DragonForce today took credit for a May 2025 cyber-attack against Belk, a chain of US department stores. DragonForce says it stole 156 GB of data from the company. The cyber attack disrupted both online and in-person operations at Belk stores for several days.
For several days, the Belk department store chain has been dealing with the aftermath of computer system problems at all of its stores that began last week. That also prompted a number of customers to complain about the issue on social media.
System problems started Friday afternoon, a Belk customer service representative at SouthPark mall told The Charlotte Observer Wednesday.
“We did have a system shutdown that happened to all Belk stores,” the store representative said. “But we do have some registers working to do refunds, returns, make card payments and cash payments.”
The iconic Charlotte-based department store chain has nearly 300 stores in 16 Southeast states.
Commenting on this is Rebecca Moody, Head of Data Research at Comparitech:
“It’s perhaps no surprise that DragonForce’s latest victim is another large retailer. Like Marks & Spencer, the Co-operative Group, and Harrods, Belk appears to have suffered significant system disruption and data theft at the hands of DragonForce. However, unlike the three aforementioned UK retailers, Belk has actually been added to DragonForce’s data leak site. While none of the retailers have confirmed or denied ransom payments, this latest post does possibly suggest that ransom negotiations were unsuccessful with Belk (at least in relation to the stolen data). DragonForce alleges to have stolen 156 GB of data.”
“Belk hasn’t yet confirmed how many people have been impacted in this breach but with 300 stores across the US and numerous lawsuits already underway, it could be significant. Anyone affected should take up Belk’s offer of free credit monitoring while being on high alert for any potential phishing messages.”
Retailers are quickly joining education and health care as being low hanging fruit for threat actors. And any organization that is part of that list really needs to up their game in terms of keeping the bad guys out.
Like this:
Like Loading...
Related
This entry was posted on July 14, 2025 at 2:39 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
DragonForce Claims Responsibility For Belk Cyberattack
Ransomware gang DragonForce today took credit for a May 2025 cyber-attack against Belk, a chain of US department stores. DragonForce says it stole 156 GB of data from the company. The cyber attack disrupted both online and in-person operations at Belk stores for several days.
For several days, the Belk department store chain has been dealing with the aftermath of computer system problems at all of its stores that began last week. That also prompted a number of customers to complain about the issue on social media.
System problems started Friday afternoon, a Belk customer service representative at SouthPark mall told The Charlotte Observer Wednesday.
“We did have a system shutdown that happened to all Belk stores,” the store representative said. “But we do have some registers working to do refunds, returns, make card payments and cash payments.”
The iconic Charlotte-based department store chain has nearly 300 stores in 16 Southeast states.
Commenting on this is Rebecca Moody, Head of Data Research at Comparitech:
“It’s perhaps no surprise that DragonForce’s latest victim is another large retailer. Like Marks & Spencer, the Co-operative Group, and Harrods, Belk appears to have suffered significant system disruption and data theft at the hands of DragonForce. However, unlike the three aforementioned UK retailers, Belk has actually been added to DragonForce’s data leak site. While none of the retailers have confirmed or denied ransom payments, this latest post does possibly suggest that ransom negotiations were unsuccessful with Belk (at least in relation to the stolen data). DragonForce alleges to have stolen 156 GB of data.”
“Belk hasn’t yet confirmed how many people have been impacted in this breach but with 300 stores across the US and numerous lawsuits already underway, it could be significant. Anyone affected should take up Belk’s offer of free credit monitoring while being on high alert for any potential phishing messages.”
Retailers are quickly joining education and health care as being low hanging fruit for threat actors. And any organization that is part of that list really needs to up their game in terms of keeping the bad guys out.
Share this:
Like this:
Related
This entry was posted on July 14, 2025 at 2:39 pm and is filed under Commentary with tags Hacked. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.