7-Eleven data breach exposes personal information of more than 185,000 individuals

News27 May 2026

Convenience store giant 7-Eleven suffered a data breach that exposed the personal information of more than 185,000 individuals after attackers gained unauthorized access to internal systems used to store franchisee documents.

The breach occurred on April 8, 2026, and involved systems containing franchise-related records. The compromised information included names, physical addresses, email addresses, phone numbers, and dates of birth. A smaller subset of affected individuals also had additional sensitive information exposed, including Social Security numbers and driver’s license numbers.

Cybersecurity monitoring service Have I Been Pwned identified approximately 185,300 affected individuals after analyzing data that was later published online. The exposed dataset was consistent with disclosures made by 7-Eleven in breach notification filings submitted to state authorities.

7-Eleven, a global convenience store operator founded in 1927, operates, franchises, and licenses more than 86,000 stores worldwide, including approximately 13,000 locations across the United States and Canada. The company also manages brands including Speedway, Stripes, Laredo Taco Company, and Raise the Roost Chicken and Biscuits.

The cyberattack was claimed by the ShinyHunters extortion group, which said it obtained more than 600,000 Salesforce-related records from the company’s systems. The group demanded a ransom payment before later publishing a 9.4GB archive of allegedly stolen data online after negotiations failed.

The leaked records were later added to Have I Been Pwned’s breach database, which confirmed the exposure of unique email addresses alongside personal identifying information.

The incident is part of a broader campaign targeting Salesforce environments and enterprise platforms over the past year. Security researchers have linked ShinyHunters to attacks involving phishing schemes, third-party integrations, and cloud misconfigurations affecting multiple major organizations across technology, retail, healthcare, and media sectors.

7-Eleven notified affected individuals in May and stated that unauthorized access had been limited to certain systems used to store franchisee documentation. The company has not publicly attributed the breach to a specific threat actor.