7-Eleven disclosed that attackers accessed systems used to store franchisee documents, with stolen data including names, addresses, and Social Security numbers. The company said it discovered the breach on April 8 and reported it to state regulators in Maine, Vermont, and Massachusetts. The disclosure follows ShinyHunters' late-April claim that it stole 7-Eleven data allegedly stored on Salesforce.
Why it matters: The breach exposes sensitive personal data tied to U.S. franchise operations, creating identity theft and follow-on phishing risk for affected individuals. Defenders and franchisees should watch for extortion fallout, credential abuse, and notices clarifying scope and attack path.
Ionut Arghire
2026.05.26
98% relevant
This is the same underlying April 2026 7-Eleven breach involving franchise-document systems and ShinyHunters' claimed theft of Salesforce records. The article adds a likely victim count from HaveIBeenPwned (about 185,300 people) and says the leaked data includes names, addresses, email addresses, and dates of birth, with some records containing additional fields.
Sergiu Gatlan
2026.05.26
98% relevant
This is the same April 2026 7-Eleven breach of systems used to store franchisee documents; the new reporting adds an estimated victim count of 185,300 people from Have I Been Pwned and specifies exposed fields including names, dates of birth, email addresses, phone numbers, and physical addresses, while reiterating ShinyHunters' claimed link to a Salesforce-related compromise.
2026.05.20
100% relevant
This article establishes a distinct breach event at 7-Eleven and provides the first concrete confirmation of stolen franchisee data following ShinyHunters' public claims.
← Back to all stories