M&S confirmed that a sophisticated impersonation attack led to a ransomware breach of their network, attributed to the DragonForce ransomware operation. The attackers tricked a third-party IT support company into resetting an employee's password, allowing access to M&S systems, which resulted in data theft and system shutdowns. M&S has not disclosed whether a ransom was paid or not, citing public interest concerns.

DragonForce ransomware group has claimed responsibility for a cyberattack on Belk, resulting in the theft of over 150 gigabytes of data. The attack, which occurred in May, led to significant disruptions in both online and physical operations for the department store chain. Belk has since taken measures to secure its systems, including disconnecting affected networks and rebuilding compromised systems.