7-Eleven confirms cyberattack, says 'personal information' may have been hit

In a new filing with the Maine Attorney’s General Office, 7-Eleven said the breach took place on April 8, 2026, and that it was discovered on the same day.

While the entry does not state how many people were affected, it does contain a copy of the data breach notification letter sent out to those who are now at risk.

ShinyHunters already leaked the data

In the letter, the company said that the information crooks stole included people’s names, addresses, and “other data elements”. A third-party cybersecurity company was brought in to investigate and tighten up on security, and all affected customers were offered two years of free identity theft protection services and dark web monitoring.

The filing comes weeks after ShinyHunters, the infamous ransomware actors that have breached hundreds of organizations worldwide, claimed responsibility for the attack and even leaked the stolen files on the dark web. As per the listing, ShinyHunters broke in via 7-Eleven’s Salesforce environment:

“Over 600k Salesforce records containing PII and other internal corporate data have been compromised,” the group said, without sharing samples (as is common practice these days).

ShinyHunters gave 7-Eleven until April 21 to reach out and negotiate the deletion of the data in exchange for payment in bitcoin. However, the group ended up leaking an archive of 9.4GB a day after the deadline.

“The company failed to reach an agreement with us despite our incredible patience, all the chances and offers we made. They don't care,” ShinyHunters said that day.

7-Eleven is now urging its customers to “monitor for any potential misuse of personal information” by reviewing their account statements and monitoring free credit reports. The company also suggests users consider putting a fraud alert or a security freeze.

Via Cybernews