- 7‑Eleven confirms cyberattack exposed customer names, addresses, and other sensitive data through its Salesforce environment
- ShinyHunters claimed responsibility, leaking 9.4GB of stolen records after failed ransom negotiations
- The company is offering identity theft protection and urging customers to monitor accounts and consider fraud alerts or security freezes
Retail giant 7-Eleven has officially confirmed suffering a cyberattack which saw it lose sensitive data on an undisclosed number of individuals.
In a new filing with the Maine Attorney’s General Office, 7-Eleven said the breach took place on April 8, 2026, and that it was discovered on the same day.
While the entry does not state how many people were affected, it does contain a copy of the data breach notification letter sent out to those who are now at risk.
ShinyHunters already leaked the data
In the letter, the company said that the information crooks stole included people’s names, addresses, and “other data elements”. A third-party cybersecurity company was brought in to investigate and tighten up on security, and all affected customers were offered two years of free identity theft protection services and dark web monitoring.
The filing comes weeks after ShinyHunters, the infamous ransomware actors that have breached hundreds of organizations worldwide, claimed responsibility for the attack and even leaked the stolen files on the dark web. As per the listing, ShinyHunters broke in via 7-Eleven’s Salesforce environment:
“Over 600k Salesforce records containing PII and other internal corporate data have been compromised,” the group said, without sharing samples (as is common practice these days).
ShinyHunters gave 7-Eleven until April 21 to reach out and negotiate the deletion of the data in exchange for payment in bitcoin. However, the group ended up leaking an archive of 9.4GB a day after the deadline.
“The company failed to reach an agreement with us despite our incredible patience, all the chances and offers we made. They don’t care,” ShinyHunters said that day.
7-Eleven is now urging its customers to “monitor for any potential misuse of personal information” by reviewing their account statements and monitoring free credit reports. The company also suggests users consider putting a fraud alert or a security freeze.
Via Cybernews
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
https://cdn.mos.cms.futurecdn.net/x4SmwpYXk8yGgDmYCVeckL-2560-80.jpg
Source link
