Belk
Company Details
Linkedin ID:
belk
Website:
Employees number:
12,732
Number of followers:
121,054
NAICS:
43
Industry Type:
Homepage:
belkcareers.com
IP Addresses:
1
Company ID:
BEL_1829420
Scan Status:
Completed
Internal validation & live display
Multiple badges & continuous verification
Faster underwriting decisions
Belk Vendor Cyber Rating & Cyber Score
belkcareers.comCharlotte-based Belk, Inc., a privately-owned department store, began when William Henry Belk opened his first store in 1888 with his brother, Dr. John Belk, joining as a partner. What started as two brothers in business has now grown into a legacy of selling great products at great prices, treating customers like family, and giving back to the community. Throughout the years, we’ve changed and grown in so many ways. We’ve added exciting products, adapted the way we work, and made it easier to shop with new technology and services. Today, Belk serves customers at nearly 300 Belk stores in 16 Southeastern states, at belk.com, and through the mobile app.
Belk A.I CyberSecurity Scoring
Belk Risk Score (AI oriented)Between 650 and 699
Belk
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Belk Global Score (TPRM)XXXX
Belk
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Belk Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Belk and Marks & Spencer: Marks & Spencer hackers hit US retailer Belk
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: DragonForce Ransomware Group Strikes US Retailer Belk in Major Cyberattack The US department store chain Belk has fallen victim to a cyberattack by the DragonForce ransomware group, the same threat actor behind the recent £300 million ($403 million) attack on UK retailer Marks & Spencer (M&S). The breach, disclosed in early June via a filing with the New Hampshire Attorney General’s Office, involved unauthorized access to corporate systems and sensitive customer data. Researchers from Cybernews confirmed the legitimacy of the leak, which includes names, dates of birth, addresses, phone numbers, email addresses, and order histories data that could be exploited by malicious actors, data brokers, or insurance companies for profiling. The exposed information also encompasses store coupons, employee records, and data from Belk’s mobile app infrastructure. While the exact number of affected individuals remains unclear, estimates suggest up to a million users may be impacted, though some accounts are likely test profiles. DragonForce, which first emerged in 2023, has rapidly expanded its operations, targeting 104 organizations in the past year. The group operates a dark web blog where it lists victims and shares stolen data. In Belk’s case, attackers claim to have exfiltrated 156GB of company data, including backups and employee profiles. The gang initially stated it had no intention of "destroying" Belk’s business but resorted to destructive measures after the company refused to pay the ransom. The attack has had significant financial repercussions for M&S, forcing its online clothing operations offline, disrupting food supply chains, and wiping over £1 billion from its stock market value. Online sales and trading profits in the affected division have been "heavily impacted" due to the suspension of e-commerce services. Belk, founded in 1888, operates nearly 300 stores across 16 US states and reported $4 billion in revenue last year. The incident underscores the growing threat posed by ransomware groups like DragonForce, which has also hijacked infrastructure from rival gangs such as BlackLock, Mamona, and RansomHub in a bid to dominate the cybercriminal landscape.
Belk Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Belk
Incidents vs Retail Industry Average (This Year)
No incidents recorded for Belk in 2026.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Belk in 2026.
Incident Types Belk vs Retail Industry Avg (This Year)
No incidents recorded for Belk in 2026.
Incident History — Belk (X = Date, Y = Severity)
Belk cyber incidents detection timeline including parent company and subsidiaries
Belk Company Subsidiaries
Charlotte-based Belk, Inc., a privately-owned department store, began when William Henry Belk opened his first store in 1888 with his brother, Dr. John Belk, joining as a partner. What started as two brothers in business has now grown into a legacy of selling great products at great prices, treating customers like family, and giving back to the community. Throughout the years, we’ve changed and grown in so many ways. We’ve added exciting products, adapted the way we work, and made it easier to shop with new technology and services. Today, Belk serves customers at nearly 300 Belk stores in 16 Southeastern states, at belk.com, and through the mobile app.
Loading...
Belk Similar Companies
Ahold Delhaize is one of the world’s largest food retail groups, we are a leader in supermarkets and e-commerce, and a company at the forefront of sustainable retailing. Our local brands employ around 393,000 associates in around 9,400 local grocery, small format, and specialty stores. Our family
At Kroger, we believe no matter who you are or how you like to shop, everyone deserves affordable, easy-to-enjoy, fresh food. This idea is embodied in our simple tagline—Fresh for Everyone™. Kroger ranks as one of the world’s largest retailers. We are nearly half a million associates across 2,800
As we reinvent ourselves to fit the diversity of America, we are looking for motivated, talented people who can emerge as Warriors in our organization. JCPenney offers an inclusive environment and culture where you can find and define yourself - your style, your purpose and your career. We know s
Migros Ticaret
Türkiye'de modern perakende sektörünün öncülüğünü yapmakta olan Migros günümüzde çok geniş kullanım alanına sahip mağazalarında, gıda ve ihtiyaç maddelerinin yanı sıra kırtasiye, züccaciye, beyaz eşya, kitap ve konfeksiyon gibi bölümleriyle hemen hemen tüm müşteri gereksinimlerini karşılamaktadır.
Coles Group
Coles is one of Australia’s leading retailers, with an extensive footprint of over 1,800 retail outlets nationally. We employ more than 115,000 team members, engage with more than 8,000 suppliers, and we welcome millions of customers through our store network and digital platforms every week. We ar
IKEA
The IKEA vision is to create a better everyday life for the many people. Our business idea is to offer well-designed, functional and affordable, high-quality home furnishing, produced with care for people and the environment. The IKEA Brand unites more than 200.000 co-workers and hundreds of compan
Williams-Sonoma, Inc.
Founded in 1956, Williams-Sonoma, Inc. is the premier specialty retailer of high-quality products for the home. Our family of brands includes Williams Sonoma, Pottery Barn, Pottery Barn Kids, PBteen, West Elm, Williams-Sonoma Home, Rejuvenation, and Mark and Graham. These brands are among the best
Fred Meyer
The Kroger Co., together with its subsidiaries, operates as a food retailer in the United States. The company operates three formats of supermarkets: combination food and drug stores (combo stores), multi department stores, and price impact warehouse stores or marketplace stores. The combo stores op
Sainsbury's
Over 150 years old and still going strong, we’re the UK’s second-biggest retailer. Every day, the nation shops with us because they know they’ll get affordable, good food and excellent service. We focus on great value and convenient shopping across our family of brands, from Argos, Nectar and Habit
.png)
Belk CyberSecurity News
March 15, 2026 03:39 PM
Why cybersecurity should be required reading for higher education
Following a full cybersecurity assessment, a university lands on a solution that can identify, triage and manage data risks.
January 21, 2026 08:00 AM
Why Higher Ed CIOs Must Rethink Cybersecurity
Several Ivy League universities - including Harvard and Princeton - experienced hacks in 2025 through unpatched enterprise software and...
December 17, 2025 08:00 AM
KPMG: Cybersecurity spending rises as attacks increase
Security organizations are almost universally boosting their cybersecurity budgets, and with good reason.
December 02, 2025 08:00 AM
Three degrees, one vision: Natarajan Ravikumar blends technical depth, business acumen and data mastery
Today, he is a three-time Charlotte master's alumnus and a technology executive at Honeywell, where he is bridging the gap between...
July 16, 2025 07:00 AM
Ransomware gang claims credit for Belk data breach. ‘We hope this serves as a lesson.’
A ransomware group has claimed credit for Belk's data breach in May. DragonForce stole 156 GB of data from the Charlotte-based department store chain.
July 16, 2025 07:00 AM
Belk data breach leads to lawsuits, hackers refuse payment
A ransomware group is claiming to be behind Belk's data breach in May. A cybersecurity company told the Charlotte Observer a group named DragonForce posted...
July 16, 2025 07:00 AM
News - DragonForce hackers breach Belk, exposing customer data
Belk, a prominent American retail chain, said it experienced a data security incident earlier this year that led to the unauthorised access...
July 15, 2025 07:00 AM
DragonForce hackers claim responsibility for Belk data breach
A threat group claimed credit for an attack against Belk. The group claimed to have a trove of company data linked to a May 2025 attack.
July 15, 2025 07:00 AM
Belk hit by May cyberattack: DragonForce stole 150GB of data
Ransomware group DragonForce claims it attacked U.S. retailer Belk in May, stealing over 150GB of data in a disruptive cyberattack.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Belk CyberSecurity History Information
Official Website of Belk
The official website of Belk is https://www.belkcareers.com/.
Belk’s AI-Generated Cybersecurity Score
According to Rankiteo, Belk’s AI-generated cybersecurity score is 677, reflecting their Weak security posture.
How many security badges does Belk’ have ?
According to Rankiteo, Belk currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Has Belk been affected by any supply chain cyber incidents ?
According to Rankiteo, Belk has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.
Does Belk have SOC 2 Type 1 certification ?
According to Rankiteo, Belk is not certified under SOC 2 Type 1.
Does Belk have SOC 2 Type 2 certification ?
According to Rankiteo, Belk does not hold a SOC 2 Type 2 certification.
Does Belk comply with GDPR ?
According to Rankiteo, Belk is not listed as GDPR compliant.
Does Belk have PCI DSS certification ?
According to Rankiteo, Belk does not currently maintain PCI DSS compliance.
Does Belk comply with HIPAA ?
According to Rankiteo, Belk is not compliant with HIPAA regulations.
Does Belk have ISO 27001 certification ?
According to Rankiteo,Belk is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Belk
Belk operates primarily in the Retail industry.
Number of Employees at Belk
Belk employs approximately 12,732 people worldwide.
Subsidiaries Owned by Belk
Belk presently has no subsidiaries across any sectors.
Belk’s LinkedIn Followers
Belk’s official LinkedIn profile has approximately 121,054 followers.
NAICS Classification of Belk
Belk is classified under the NAICS code 43, which corresponds to Retail Trade.
Belk’s Presence on Crunchbase
Yes, Belk has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/belk.
Belk’s Presence on LinkedIn
Yes, Belk maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/belk.
Cybersecurity Incidents Involving Belk
As of April 02, 2026, Rankiteo reports that Belk has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Belk has an estimated 15,730 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Belk ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
How does Belk detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with cybernews (researchers), and communication strategy with filing with new hampshire attorney general’s office..
Incident Details
Can you provide details on each incident ?
Title: DragonForce Ransomware Group Strikes US Retailer Belk in Major Cyberattack
Description: The US department store chain Belk has fallen victim to a cyberattack by the DragonForce ransomware group, involving unauthorized access to corporate systems and sensitive customer data. The breach was disclosed via a filing with the New Hampshire Attorney General’s Office and includes exposed personal and operational data.
Date Publicly Disclosed: 2024-06
Type: Ransomware
Threat Actor: DragonForce ransomware group
Motivation: Financial gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware BELMAR1770616665
Data Compromised: 156GB of company data, including backups and employee profiles
Systems Affected: Corporate systems, mobile app infrastructure, e-commerce services (implied from M&S impact)
Operational Impact: Disruption of online operations, potential supply chain disruptions
Brand Reputation Impact: Significant (stock market value drop for M&S, public disclosure)
Identity Theft Risk: High (exposed PII)
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Names, Dates Of Birth, Addresses, Phone Numbers, Email Addresses, Order Histories, Store Coupons, Employee Records, Mobile App Infrastructure Data and .
Which entities were affected by each incident ?
Incident : Ransomware BELMAR1770616665
Entity Name: Belk
Entity Type: Retailer
Industry: Department Store/Retail
Location: United States
Size: Nearly 300 stores, $4 billion revenue (2023)
Customers Affected: Up to 1 million users (estimated)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware BELMAR1770616665
Third Party Assistance: Cybernews (researchers)
Communication Strategy: Filing with New Hampshire Attorney General’s Office
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cybernews (researchers).
Data Breach Information
What type of data was compromised in each breach ?
Incident : Ransomware BELMAR1770616665
Type of Data Compromised: Names, Dates of birth, Addresses, Phone numbers, Email addresses, Order histories, Store coupons, Employee records, Mobile app infrastructure data
Number of Records Exposed: Up to 1 million users (estimated)
Sensitivity of Data: High (Personally Identifiable Information, employee data)
Data Exfiltration: Yes (156GB of data)
Data Encryption: Yes (ransomware strain)
Personally Identifiable Information: Yes
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware BELMAR1770616665
Ransom Paid: No (refused to pay)
Ransomware Strain: DragonForce
Data Encryption: Yes
Data Exfiltration: Yes (156GB of data)
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Ransomware BELMAR1770616665
Regulatory Notifications: Filing with New Hampshire Attorney General’s Office
References
Where can I find more information about each incident ?
Incident : Ransomware BELMAR1770616665
Source: Cybernews
Incident : Ransomware BELMAR1770616665
Source: New Hampshire Attorney General’s Office
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Cybernews, and Source: New Hampshire Attorney General’s Office.
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Filing with New Hampshire Attorney General’s Office.
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybernews (researchers).
Additional Questions
General Information
Has the company ever paid ransoms ?
Ransom Payment History: The company has Paid ransoms in the past.
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an DragonForce ransomware group.
Incident Details
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-06.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were 156GB of company data and including backups and employee profiles.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Cybernews (researchers).
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were 156GB of company data and including backups and employee profiles.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.0M.
Ransomware Information
What was the highest ransom paid in a ransomware incident ?
Highest Ransom Paid: The highest ransom paid in a ransomware incident was No (refused to pay).
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are Cybernews and New Hampshire Attorney General’s Office.
.png)
Latest Global CVEs (Not Company-Specific)
Description
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbtt_InitFont_internal in the library stb_truetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
cvss2
Base: 5.0
Severity: LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read in VS6ComFile!get_macro_mem_COM. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain a stack-based buffer overflow in VS6ComFile!CSaveData::_conv_AnimationItem. Opening a crafted V7 file may lead to arbitrary code execution on the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6MemInIF!set_temp_type_default. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
V-SFT versions 6.2.10.0 and prior contain an out-of-bounds read vulnerability in VS6ComFile!load_link_inf. Opening a crafted V7 file may lead to information disclosure from the affected product.
Risk Information
cvss3
Base: 7.8
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=belk' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
