securityweek.com - DragonForce says it stole more than 150 gigabytes of data from US department store chain Belk in a May cyberattack

The DragonForce ransomware gang has claimed responsibility for a disruptive cyberattack on US department store chain Belk.

The incident was identified on May 8 and prompted Belk to disconnect affected systems, restrict network access, reset passwords, and rebuild impacted systems, which disrupted the chain’s online and physical operations for several days. The company’s online store is still offline at the time of publication.

Belk’s investigation into the attack determined that hackers had access to its network between May 7 and May 11, and that they exfiltrated certain documents, including files containing personal information.

In a data breach notification submitted to the New Hampshire Attorney General’s Office, Belk said at least names and Social Security numbers were compromised in the attack.

The company is providing the impacted individuals with 12 months of free credit monitoring and identity restoration services, which also include up to $1 million identity theft insurance.

The company has not named the group responsible for the attack, but the DragonForce ransomware gang has claimed the incident on Monday, adding Belk to its Tor-based leak site.