7-Eleven franchisee-docs and Salesforce data leak
Data Leak
Summary
Hide ▲
Show ▼
7-Eleven confirmed a April 8, 2026 intrusion into systems used to store franchisee documents, and ShinyHunters later claimed the theft of more than 600,000 Salesforce records before posting a 9.4GB archive on its leak site when ransom demands were not met. Have I Been Pwned later estimated the breach exposed personal information for 185,300 people, including names, dates of birth, email addresses, phone numbers, and physical addresses. The Happening now reflects a confirmed extortion-driven data leak affecting both franchisee records and Salesforce data.
Related Happenings
7-Eleven hit by network compromise
Incident
First: 19.05.2026 17:16
Last: 19.05.2026 17:16
Sources 1
How related:
We recently discovered that on April 8, 2026, an unauthorized third party gained access to certain 7-Eleven systems used to store franchisee documents,
About this happening:
**7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
7-Eleven hit by network compromise
IncidentHow related: We recently discovered that on April 8, 2026, an unauthorized third party gained access to certain 7-Eleven systems used to store franchisee documents,
About this happening: **7-Eleven** is a **victim-focused breach incident** in which an **unauthorized third party** accessed systems used to store **franchisee documents** on **April 8, 2026**, trigger...
BlackFile victims' Salesforce and SharePoint data leak
Data Leak
First: 24.04.2026 21:26
Last: 24.04.2026 21:26
Sources 1
About this happening:
BlackFile's **stolen documents** were published on a **dark web leak site**, exposing employee and business records taken from **Salesforce** and **SharePoint** environments. The...
BlackFile victims' Salesforce and SharePoint data leak
Data LeakAbout this happening: BlackFile's **stolen documents** were published on a **dark web leak site**, exposing employee and business records taken from **Salesforce** and **SharePoint** environments. The...
France Titres ANTS portal user data leak
Data Leak
First: 24.04.2026 17:31
Last: 24.04.2026 17:31
Sources 1
About this happening:
France Titres confirmed a **security breach** on the **ANTS portal** that may have exposed **millions of users**, and a **database for sale** claim suggests the exposure could be...
France Titres ANTS portal user data leak
Data LeakAbout this happening: France Titres confirmed a **security breach** on the **ANTS portal** that may have exposed **millions of users**, and a **database for sale** claim suggests the exposure could be...
Cookeville Regional Medical Center patient records leak
Data Leak
First: 16.04.2026 18:01
Last: 16.04.2026 18:01
Sources 1
About this happening:
**Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...
Cookeville Regional Medical Center patient records leak
Data LeakAbout this happening: **Cookeville Regional Medical Center** disclosed a **data leak** affecting **337,917 patients**, exposing personal and medical records and raising identity-theft risk. Files were...
Cookeville Regional Medical Center data leak on Rhysida leak site
Data Leak
First: 16.04.2026 15:40
Last: 16.04.2026 15:40
Sources 1
About this happening:
The **Rhysida** group’s posting of **Cookeville Regional Medical Center (CRMC)** data exposed sensitive personal, financial, and medical records tied to **more than 337,000 people...
Cookeville Regional Medical Center data leak on Rhysida leak site
Data LeakAbout this happening: The **Rhysida** group’s posting of **Cookeville Regional Medical Center (CRMC)** data exposed sensitive personal, financial, and medical records tied to **more than 337,000 people...
Timeline
-
26.05.2026 10:01 1 articles · 1d ago
Have I Been Pwned estimates 185,300 people exposed in 7-Eleven breach
Victim Impact UpdateHave I Been Pwned analyzed the leaked 7-Eleven data and estimated that the breach exposed personal information for 185,300 people, including names, dates of birth, unique email addresses, phone numbers, and physical addresses. The exposed archive was tied to ShinyHunters' extortion campaign against 7-Eleven and followed the group's leak-site posting after ransom demands were not met.
Show sources
- 7-Eleven data breach exposes personal information of 185,000 people — www.bleepingcomputer.com — 26.05.2026 10:01
-
18.05.2026 14:25 2 articles · 9d ago
7-Eleven detects franchisee-document intrusion
Initial Disclosure7-Eleven detected an intrusion into systems used to store franchisee documents and later disclosed that unspecified personal information had been compromised, with a notice to the Maine Attorney General’s Office saying two Maine residents were affected.
Show sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
18.05.2026 14:25 1 articles · 9d ago
ShinyHunters claims stolen Salesforce records from 7-Eleven
Campaign Scope UpdateShinyHunters added 7-Eleven to its leak website and claimed theft of more than 600,000 Salesforce records containing personal information and corporate data, broadening the exposed data set beyond franchisee-document storage.
Show sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
18.05.2026 14:25 2 articles · 9d ago
ShinyHunters sets April 21 leak deadline
Campaign Scope UpdateShinyHunters threatened to leak the stolen 7-Eleven data unless a ransom was paid by April 21, turning the data compromise into an extortion deadline tied to the stolen franchisee and Salesforce records.
Show sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
- 7-Eleven confirms data breach claimed by the ShinyHunters gang — www.bleepingcomputer.com — 19.05.2026 17:16