Charlotte, NC – July 17, 2025 — The U.S. retail chain Belk, Inc. confirmed it was the victim of a ransomware attack in May 2025 that led to the theft of sensitive corporate and personal data. The cybercriminal group DragonForce has claimed responsibility for the incident, asserting it exfiltrated 156 gigabytes of data from the company during a four-day breach.
Belk, a department store chain headquartered in Charlotte, North Carolina, disclosed in a letter to the New Hampshire Attorney General that an unauthorized party accessed its corporate systems between May 7 and May 11. The company stated it discovered the intrusion on May 8 and responded swiftly with the assistance of third-party cybersecurity experts.
The attack reportedly compromised internal corporate documents, including files containing names and Social Security numbers. As of June 5, Belk confirmed that at least one New Hampshire resident had personal data accessed during the breach. Impacted individuals are being offered 12 months of complimentary credit monitoring and identity restoration services through Epiq – Privacy Solutions…