- 7‑Eleven confirms that customer names, addresses and other sensitive data were exposed to cyberattacks through its Salesforce environment
- ShinyHunters Claimed Responsibility, Leaking 9.4GB of Stolen Records After Failed Ransom Negotiations
- The company offers protection against identity theft and encourages customers to monitor accounts and consider fraud alerts or security freezes.
Retail giant 7-Eleven has officially confirmed that it suffered a cyberattack in which it lost confidential data of an undisclosed number of people.
In a new filing with the Maine Attorney General’s Office, 7-Eleven said the breach took place on April 8, 2026, and was discovered the same day.
While the entry does not indicate how many people were affected, it does contain a copy of the data breach notification letter sent to those now at risk.
ShinyHunters already leaked the data
In the letter, the company said the information the criminals stole included people’s names, addresses and “other data elements.” A third-party cybersecurity company was hired to investigate and strengthen security, and all affected customers were offered two years of free identity theft protection and dark web monitoring services.
The filing comes weeks after ShinyHunters, the infamous ransomware actors who have breached hundreds of organizations around the world, claimed responsibility for the attack and even leaked the stolen files on the dark web. According to the listing, ShinyHunters broke through 7-Eleven’s Salesforce environment:
“More than 600,000 Salesforce records containing PII and other internal corporate data have been compromised,” the group said, without sharing samples (as is common practice these days).
ShinyHunters gave 7-Eleven until April 21 to communicate and negotiate deletion of the data in exchange for payment in bitcoin. However, the group ended up leaking a 9.4GB file a day after the deadline.
“The company failed to reach an agreement with us despite our incredible patience and all the opportunities and offers we made to them. They don’t care,” ShinyHunters said that day.
7-Eleven now urges its customers to “keep an eye on any potential misuse of personal information” by reviewing their account statements and monitoring free credit reports. The company also suggests users consider putting a fraud alert or security freeze.
Through cyber news
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to receive news, reviews and opinions from our experts in your feeds.
