ShinyHunters claims responsibility for 7-Eleven Salesforce data breach affecting franchisee documents
Summary
Hide ▲
Show ▼
The ShinyHunters threat actor group claimed responsibility for a data breach at 7-Eleven, a global convenience store chain, after infiltrating systems used to store franchisee documents. The intrusion was detected on April 8, 2026, and involved the theft of unspecified personal information submitted during franchise applications. ShinyHunters listed 7-Eleven on its leak site on April 17, alleging the theft of over 600,000 Salesforce records containing personal and corporate data. The group demanded a ransom by April 21 and later attempted to sell the data for $250,000 on a hacker forum.
Timeline
-
18.05.2026 14:25 1 articles · 16h ago
ShinyHunters claims 7-Eleven Salesforce intrusion; demands ransom and attempts to sell stolen data
On April 8, 2026, 7-Eleven detected an intrusion into systems storing franchisee documents. On April 17, ShinyHunters listed the company on its leak site, claiming theft of over 600,000 Salesforce records containing personal and corporate data. The group demanded a ransom by April 21 and later offered the data for sale on a hacker forum for $250,000.
Show sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
Information Snippets
-
7-Eleven confirmed a data breach after detecting an intrusion into systems storing franchisee documents on April 8, 2026.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
The exposed data included unspecified personal information provided during franchise applications, with only two Maine residents confirmed affected.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
ShinyHunters claimed to have stolen over 600,000 Salesforce records from 7-Eleven, including personal and corporate data.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
ShinyHunters demanded a ransom by April 21, 2026, and later offered the stolen data for sale on a hacker forum for $250,000.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
ShinyHunters has targeted Salesforce instances of major organizations since mid-2025, exploiting phishing, third-party integrations, or misconfigurations.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25
-
ShinyHunters has been linked to recent cyberattacks on Instructure, Vimeo, Wynn Resorts, Vercel, and Medtronic.
First reported: 18.05.2026 14:251 source, 1 articleShow sources
- 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand — www.securityweek.com — 18.05.2026 14:25