Convenience store giant 7-Eleven has been hit by a significant data breach that potentially affects over 185,000 individuals, according to a report by HaveIBeenPwned. The breach, which occurred in early April, involved sensitive information stored in franchise-related systems.
Details of the Data Breach
In a notice filed with the Maine Attorney General’s Office, 7-Eleven confirmed that the breach took place on April 8. The compromised systems reportedly contained franchise documents, and the stolen data includes personal details such as names and addresses. Despite the company’s disclosure, the exact number of affected individuals was not initially provided.
Cybersecurity group ShinyHunters, known for its extortion tactics, claimed responsibility for the breach. They initially demanded a ransom for the stolen data, which they alleged included 600,000 Salesforce records. When the ransom was not paid by the specified deadline of April 21, the data was subsequently listed for sale on a Russian hacking forum.
Impact and Analysis
Following the breach, the stolen data surfaced online, where HaveIBeenPwned processed and analyzed the information. The analysis confirmed that names, addresses, email addresses, and birth dates were among the leaked details. Approximately 185,300 individuals have been affected, with additional information fields compromised for a minor subset of victims.
ShinyHunters has been actively targeting Salesforce instances of various organizations, exploiting vulnerabilities such as phishing, third-party integrations, and system misconfigurations. This incident adds to a string of similar breaches attributed to the group over the past year.
Broader Implications and Response
In February, cybersecurity firm Mandiant issued an alert regarding the increasing activities of ShinyHunters. The group has since taken credit for multiple high-profile attacks, including those against companies like Instructure, Vimeo, Wynn Resorts, Vercel, and Medtronic.
This breach underscores the critical need for robust cybersecurity measures, especially for organizations relying on third-party platforms like Salesforce. Companies are urged to review their security protocols to prevent similar incidents in the future.
As the investigation continues, affected individuals are advised to monitor their personal information closely and take appropriate steps to secure their data.
