Last Update: 06/03/2026 at 4:25 AM EST
7-Eleven Breach And ShinyHunters Extortion
Coverage from BleepingComputer, CybersecurityNews, and others
Articles
37
Latest Article
05/30
Active Days
50
Executive Summary
Recent reporting shows 7-Eleven dealing with a breach affecting franchisee and applicant records, while ShinyHunters escalates the incident through leak-site claims and data publication tied to Salesforce access and extortion pressure.
Key Points
- The strongest signal is a 7-Eleven breach involving systems that stored franchisee documents and applicant records.
- ShinyHunters repeatedly appears as the extortion actor, claiming responsibility, demanding payment, and posting alleged stolen data.
- The reported access path points to cloud and SaaS infrastructure, especially Salesforce-linked environments and related third-party services.
- The exposed data appears to include personal identifiers such as names, addresses, phone numbers, dates of birth, email addresses, and in some accounts Social Security numbers or tax ID fragments.
- The incident moved from breach disclosure to public leak publication, suggesting escalation from unauthorized access to active data exposure.
- 7-Eleven and reporting sources describe the affected material as mostly franchisee or applicant data, with no clear evidence of payment-card compromise in the material provided.
- The topic remains coherent and dense, with a narrow focus on one incident rather than a broad mix of unrelated privacy issues.
Featured Article
ShinyHunters claimed stolen Salesforce records from 7-Eleven, and 7-Eleven confirmed unauthorized access to franchisee document systems on April 8, 2026.
Coverage Timeline: 50 Days
Hover over any logo to see coverage summary, click for full article.
Additional Articles
⭐⭐⭐⭐⭐
ShinyHunters claimed a Salesforce misconfiguration led to theft of 13.5 million McGraw Hill accounts, exposing PII for potential spear-phishing and extortion threats.
7-Eleven disclosed an April 2026 Salesforce-linked data breach after ShinyHunters claimed responsibility and leaked PII affecting about 185,300 people.
ADT confirmed a data breach in an SEC filing on April 24, 2026 after a ShinyHunters claim of more than 10 million customer records.
ShinyHunters published an alleged Rockstar Games data leak in 2020s, claiming access via stolen authentication tokens from an Anodot incident impacting Snowflake-linked analytics and support data.
ShinyHunters claimed a hack-and-extortion attack on 7-Eleven in April, and Have I Been Pwned flagged 185,000+ affected people with sensitive identity data.
7-Eleven notified Maine, Vermont, and Massachusetts regulators in connection with an April 8 intrusion that exposed franchisee documents containing Social Security numbers.
ShinyHunters published stolen 7-Eleven franchise applicant records on May 24 after a breach discovered April 8 exposed SSNs and driver license details for more than 185,000 people.
7-Eleven disclosed a spring intrusion discovered April 8, and Massachusetts, Maine, and Vermont filings reported exposure of franchisee names, addresses, and some SSNs and driver’s license data.
On April 8, 2026, 7-Eleven reported a franchise application systems breach that exposed Social Security and driver's license data for some franchisees, with notifications sent May 1 and regulator filings in Maine, Vermont, and Massachusetts mid-May.
7-Eleven disclosed an April 8 data breach in Maine involving unauthorized access to franchise application systems, with ShinyHunters claiming responsibility.
7-Eleven confirmed a May 2026 ShinyHunters breach that exposed over 600,000 Salesforce records containing franchisee PII, with notices going to Maine and Massachusetts.
ShinyHunters announced April 2026 access to Rockstar Games' Snowflake environment through Anandot, with vendor credential privilege described as the pivot enabling data exfiltration.
⭐⭐⭐
ShinyHunters claimed a 7-Eleven ransomware-linked Salesforce breach on April 17, followed by a May 1 notification effort after dark web data leakage.
ADT reported an April 20 intrusion exposing customer PII, while ShinyHunters claimed over 10 million Salesforce records were stolen after talks with ADT failed.
7-Eleven disclosed a 2026 cyberattack discovered April 8 that exposed about 185,000 franchise applicant records, after ShinyHunters claimed responsibility.
7-Eleven notified the Maine Attorney General in 2026 and started letters May 1 after unauthorized access exposed franchise application personal data.
McGraw Hill confirmed a Salesforce-hosted data breach in 2020s reporting, attributed to ShinyHunters, after misconfiguration exposed millions of accounts' contact details.
7-Eleven reported an April 8 data breach affecting 50 franchisees in Massachusetts, Vermont, and Maine through unauthorized access to franchisee document systems.
ShinyHunters demanded payment from Rockstar Games on April 11 and released leaked documents allegedly detailing GTA Online and Red Dead Online financial metrics.
ShinyHunters released a ZenBusiness dataset in April 2026 after March 2026 extortion claims involving Snowflake, Mixpanel, and Salesforce and exposure of about 5 million email addresses.
ShinyHunters targeted Cushman and Wakefield in May 2026 with pay or leak extortion and published alleged corporate contact data.
ShinyHunters published leaked personal data from 7-Eleven in April 2026, exposing 185,000 unique email addresses and additional identifiers tied to franchisee documents.
ADT disclosed a ShinyHunters-linked data breach on April 20 detection after a dark web leak threat, exposing limited customer personally identifying information.
ADT said a breach detected April 20 exposed customer and prospective customer identifiers and led to forensic investigation and notifications after ShinyHunters ransom threats.
ADT disclosed an April 20 data breach linked to ShinyHunters after dark-web extortion threats, exposing names, phone numbers, and addresses in some cases.
ADT detected a ShinyHunters-linked intrusion on April 20, exposing limited customer data and triggering forensic investigation and identity-protection offers.
ShinyHunters published April 2026 leaked data from a 7-Eleven extortion campaign affecting 185k unique email addresses and other personal fields.
Rockstar reported no player data impact after a third-party cloud or analytics compromise, with privacy response guidance focused on incident scope and leak-threat handling.
ShinyHunters set an April 14 deadline for Rockstar Games after a reported third-party breach tied to stolen authentication tokens used for cloud platform access.
ShinyHunters set an April 14 deadline for payment tied to alleged Rockstar Games Snowflake compromise via Anodot.com, while Rockstar described limited non-material third-party breach access.
Rockstar Games confirmed limited third-party breach access to non-material information in 2020s reporting involving Anodot and Snowflake authentication tokens.
Rockstar Games confirmed an unauthorized access incident linked to a third-party analytics tool, denying compromise of player data and GTA 6 source code.
Rockstar Games disclosed a third-party breach after ShinyHunters claimed access via analytics platform Anodot and issued a leak threat.
Rockstar Games confirmed a third-party vendor breach on April 11 involving Anodot access to Snowflake servers after a hacking group claim.
Rockstar Games confirmed a third-party breach involving alleged authentication-token access to its Snowflake instance via compromised Anodot after ShinyHunters claims in a reported extortion attempt.
ShinyHunters told BBC it breached Rockstar Games' Snowflake data warehouse using Anodot and planned data publication after an unmet April 14 ransom demand.