7-Eleven confirms breach after ShinyHunters claims

Convenience store giant 7-Eleven said hackers breached a system used to store documents related to franchises.

The company reported the data breach to state regulators in Maine, Vermont and Massachusetts this week but did not say how many people were impacted in total. 

The breach notification letters say 7-Eleven discovered the breach on April 8 and, after an investigation, determined that the cybercriminals gained access to “certain 7-Eleven systems used to store franchisee documents.”

The information stolen includes names, addresses and Social Security numbers. The company did not respond to requests for comment about what other information may have been taken. 

7-Eleven is owned by Japanese retail company Seven & I Holdings and has about 86,000 stores in 19 countries. Almost 10,000 of the U.S. stores are franchises.

The breach notifications come after the ShinyHunters cybercriminal organization claimed it stole troves of information from 7-Eleven held on Salesforce in late April. 

The company was listed alongside dozens of other companies attacked by ShinyHunters last month. 

ShinyHunters has repeatedly targeted data storage tools to steal large amounts of data from high profile companies and recently caused a nationwide scandal with an attack on educational software giant Instructure. 

The attack, which impacted thousands of universities and K-12 schools across the U.S., prompted the FBI to release a guidance document last week urging victims of the group to not pay a ransom. 

“ShinyHunters…is a cyber criminal group specializing in large — scale data breaches and extortion. They target major companies across tech, finance, and retail, often stealing millions of customer records at once,” the FBI said. 

“[ShinyHunters] actors' access to sensitive data could provide them an opportunity to sell the stolen data to other cyber criminals or reuse stolen data from education platforms to impersonate school faculty, IT support, financial aid offices or others in future attacks.”

They urged any organization impacted by a ShinyHunters attack to contact the FBI immediately.