7-Eleven Data Breach Affects Over 185,000 Customers

Retail chain 7-Eleven confirmed a data breach affecting over 185,000 customers. The incident was discovered in April when attackers gained unauthorized access to an internal company server containing franchise documents.

The breach compromised personal data, including names, birth dates, physical addresses, phone numbers, and email addresses. In some cases, Social Security numbers and driver’s license details were also exposed, as indicated in notices filed with the attorneys general of Maine and Massachusetts.

The hacking group ShinyHunters, known for previous ransomware attacks, claimed responsibility. According to Have I Been Pwned, which tracks data breaches, the attackers threatened to publish the information if their demands were not met.

Jim Castle, 7-Eleven’s Chief Information Security Officer, acknowledged the incident but did not disclose details on measures taken to protect affected customers. The breach highlights growing cybersecurity risks for large retail chains, even those not primarily focused on IT.