Belk Vendor Cyber Rating & Cyber Score

belkcareers.com
ISOSOC2 Type 1SOC2 Type 2PCI DSSHIPAAGDPR

Charlotte-based Belk, Inc., a privately-owned department store, began when William Henry Belk opened his first store in 1888 with his brother, Dr. John Belk, joining as a partner. What started as two brothers in business has now grown into a legacy of selling great products at great prices, treating customers like family, and giving back to the community. Throughout the years, we’ve changed and grown in so many ways. We’ve added exciting products, adapted the way we work, and made it easier to shop with new technology and services. Today, Belk serves customers at nearly 300 Belk stores in 16 Southeastern states, at belk.com, and through the mobile app.

Belk A.I CyberSecurity Scoring

Belk

Company Details

Linkedin ID:

belk

Website:

https://www.belkcareers.com/

Employees number:

12,732

Number of followers:

121,054

NAICS:

43

Industry Type:

Retail

Homepage:

belkcareers.com

IP Addresses:

1

Company ID:

BEL_1829420

Scan Status:

In-progress

AI scoreBelk Risk Score (AI oriented)

Between 650 and 699

https://images.rankiteo.com/companyimages/belk.jpeg
Belk Retail
Updated:
  • Powered by our proprietary A.I cyber incident model
  • Insurance preferes TPRM score to calculate premium
Get a Score Increase
globalscoreBelk Global Score (TPRM)

XXXX

https://images.rankiteo.com/companyimages/belk.jpeg
Belk Retail
  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Belk

Weak
Current Score
677
B (Weak)
01000
1 incidents
-132.0 avg impact

Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.

APRIL 2026
677
MARCH 2026
675
FEBRUARY 2026
673
JANUARY 2026
673
DECEMBER 2025
671
NOVEMBER 2025
669
OCTOBER 2025
666
SEPTEMBER 2025
664
AUGUST 2025
662
JULY 2025
791
Ransomware
15 Jul 2025 • Belk and Marks & Spencer: Marks & Spencer hackers hit US retailer Belk
DragonForce Ransomware Group Strikes US Retailer Belk in Major Cyberattack

**DragonForce Ransomware Group Strikes US Retailer Belk in Major Cyberattack** The US department store chain **Belk** has fallen victim to a cyberattack by the **DragonForce ransomware group**, the same threat actor behind the recent **£300 million ($403 million) attack on UK retailer Marks & Spencer (M&S)**. The breach, disclosed in early June via a filing with the **New Hampshire Attorney General’s Office**, involved unauthorized access to corporate systems and sensitive customer data. Researchers from **Cybernews** confirmed the legitimacy of the leak, which includes **names, dates of birth, addresses, phone numbers, email addresses, and order histories** data that could be exploited by malicious actors, data brokers, or insurance companies for profiling. The exposed information also encompasses **store coupons, employee records, and data from Belk’s mobile app infrastructure**. While the exact number of affected individuals remains unclear, estimates suggest **up to a million users** may be impacted, though some accounts are likely test profiles. DragonForce, which first emerged in **2023**, has rapidly expanded its operations, targeting **104 organizations in the past year**. The group operates a **dark web blog** where it lists victims and shares stolen data. In Belk’s case, attackers claim to have exfiltrated **156GB of company data**, including backups and employee profiles. The gang initially stated it had no intention of "destroying" Belk’s business but resorted to destructive measures after the company refused to pay the ransom. The attack has had **significant financial repercussions** for M&S, forcing its online clothing operations offline, disrupting food supply chains, and wiping **over £1 billion from its stock market value**. Online sales and trading profits in the affected division have been "heavily impacted" due to the suspension of e-commerce services. Belk, founded in **1888**, operates nearly **300 stores across 16 US states** and reported **$4 billion in revenue last year**. The incident underscores the growing threat posed by ransomware groups like DragonForce, which has also **hijacked infrastructure from rival gangs** such as **BlackLock, Mamona, and RansomHub** in a bid to dominate the cybercriminal landscape.

659
critical -132
BELMAR1770616665
Incident Details -
Type
Ransomware
Motivation
Financial gain
Impact
Data Compromised: 156GB of company data, including backups and employee profiles Systems Affected: Corporate systems, mobile app infrastructure, e-commerce services (implied from M&S impact) Operational Impact: Disruption of online operations, potential supply chain disruptions Brand Reputation Impact: Significant (stock market value drop for M&S, public disclosure) Identity Theft Risk: High (exposed PII)
Response
Third Party Assistance: Cybernews (researchers) Communication Strategy: Filing with New Hampshire Attorney General’s Office
Data Breach
Names Dates of birth Addresses Phone numbers Email addresses Order histories Store coupons Employee records Mobile app infrastructure data Number Of Records Exposed: Up to 1 million users (estimated) Sensitivity Of Data: High (Personally Identifiable Information, employee data) Data Exfiltration: Yes (156GB of data) Data Encryption: Yes (ransomware strain) Personally Identifiable Information: Yes
Regulatory Compliance
Regulatory Notifications: Filing with New Hampshire Attorney General’s Office
Initial Access Broker
Data Sold On Dark Web: Potential (group operates dark web blog)
References
Blog URL Source URL
JUNE 2025
791
MAY 2025
791

Frequently Asked Questions

According to Rankiteo, the current A.I.-based Cyber Score for Belk is 677, which corresponds to a Weak rating.

According to Rankiteo, the A.I. Rankiteo Cyber Score for March 2026 was 675.

According to Rankiteo, the A.I. Rankiteo Cyber Score for February 2026 was 673.

According to Rankiteo, the A.I. Rankiteo Cyber Score for January 2026 was 673.

According to Rankiteo, the A.I. Rankiteo Cyber Score for December 2025 was 671.

According to Rankiteo, the A.I. Rankiteo Cyber Score for November 2025 was 669.

According to Rankiteo, the A.I. Rankiteo Cyber Score for October 2025 was 666.

According to Rankiteo, the A.I. Rankiteo Cyber Score for September 2025 was 664.

According to Rankiteo, the A.I. Rankiteo Cyber Score for August 2025 was 662.

According to Rankiteo, the A.I. Rankiteo Cyber Score for July 2025 was 791.

According to Rankiteo, the A.I. Rankiteo Cyber Score for June 2025 was 791.

According to Rankiteo, the A.I. Rankiteo Cyber Score for May 2025 was 791.

Over the past 12 months, the average per-incident point impact on Belk’s A.I Rankiteo Cyber Score has been -132.0 points.

You can access Belk’s cyber incident details on Rankiteo by visiting the following link: https://www.rankiteo.com/company/belk.

You can find the summary of the A.I Rankiteo Risk Scoring methodology on Rankiteo by visiting the following link: Rankiteo Algorithm.

You can view Belk’s profile page on Rankiteo by visiting the following link: https://www.rankiteo.com/company/belk.

With scores of 18.5/20 from OpenAI ChatGPT, 20/20 from Mistral AI, and 17/20 from Claude AI, the A.I. Rankiteo Risk Scoring methodology is validated as a market leader.