7-Eleven, the world’s largest convenience store chain, has confirmed suffering a data breach after the notorious ShinyHunters hacker group claimed to have stolen information from its systems.
The company has started sending out security incident notices revealing that an intrusion into 7-Eleven systems used to store franchisee documents was detected on April 8.
According to a notification submitted to the Maine Attorney General’s Office, unspecified personal information has been compromised.
The exposed information was provided to the company during franchise applications.
7-Eleven has not disclosed the total number of affected individuals, but said only two Maine residents were impacted. This suggests that the impact of the incident may be limited, at least in terms of personal information compromise.
ShinyHunters listed 7-Eleven on its leak website on April 17, claiming to have stolen more than 600,000 Salesforce records, including personal information and corporate data.
The cybercriminals threatened to leak the data unless a ransom was paid by April 21. They later offered to sell the stolen data for $250,000 on a popular hacker forum.
ShinyHunters has been targeting the Salesforce instances of major organizations since mid-2025, stealing millions of data records. The intrusions resulted from phishing, abuse of third-party integrations, or misconfigurations, rather than vulnerabilities in Salesforce products or systems.
The hacker group and affiliated threat actors recently took credit for attacks on Instructure, Vimeo, Wynn Resorts, Vercel, and Medtronic.
Related: Grafana Confirms Breach After Hackers Claim They Stole Data
Related: Foxconn Confirms North American Factories Hit by Cyberattack
Related: 716,000 Impacted by OpenLoop Health Data Breach
Related: American Lending Center Data Breach Affects 123,000 Individuals
