The ShinyHunters extortion group has leaked personal information belonging to more than 185,000 people after breaching systems connected to convenience store giant 7-Eleven, according to data breach notification service Have I Been Pwned.
7-Eleven, which was founded in 1927, is one of the world’s largest convenience store chains. The company operates, franchises and licenses more than 86,000 stores globally, including around 13,000 locations across the United States and Canada. It also owns or operates brands such as Speedway, Stripes, Laredo Taco Company and Raise the Roost Chicken and Biscuits, while its 7Rewards and Speedy Rewards loyalty programs have more than 100 million members.
The company informed affected customers in breach notification letters sent on May 1 that an unauthorized third party had accessed some of its systems in early April. According to 7-Eleven, the attackers gained access on April 8, 2026, to certain systems used to store franchisee documents.
7-Eleven has not publicly named the threat actor behind the incident or shared detailed technical information about how the breach happened. However, the ShinyHunters extortion gang claimed responsibility for the attack on April 17.

The cybercriminal group claimed it stole more than 600,000 records containing corporate data and personally identifiable information after breaching 7-Eleven’s Salesforce environment. After the company allegedly refused to pay a ransom, the attackers leaked a 9.4GB archive of stolen documents on their dark web leak site.
Have I Been Pwned later analyzed the leaked data and said the breach exposed information belonging to 185,300 people. The exposed data included names, dates of birth, unique email addresses, phone numbers and physical addresses. A small number of records also reportedly contained additional data fields.





