7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand

7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand

Briefly

"7-Eleven has started sending out security incident notices revealing that an intrusion into 7-Eleven systems used to store franchisee documents was detected on April 8. According to a notification submitted to the Maine Attorney General's Office, unspecified personal information has been compromised. The exposed information was provided to the company during franchise applications."

"7-Eleven has not disclosed the total number of affected individuals, but said only two Maine residents were impacted. This suggests that the impact of the incident may be limited, at least in terms of personal information compromise. ShinyHunters listed 7-Eleven on its leak website on April 17, claiming to have stolen more than 600,000 Salesforce records, including personal information and corporate data."

"The cybercriminals threatened to leak the data unless a ransom was paid by April 21. They later offered to sell the stolen data for $250,000 on a popular hacker forum. ShinyHunters has been targeting the Salesforce instances of major organizations since mid-2025, stealing millions of data records."

"The intrusions resulted from phishing, abuse of third-party integrations, or misconfigurations, rather than vulnerabilities in Salesforce products or systems. The hacker group and affiliated threat actors recently took credit for attacks on Instructure, Vimeo, Wynn Resorts, Vercel, and Medtronic."