In April 2026, the ShinyHunters cybercriminal group breached 7-Eleven's Salesforce environment through a voice phishing attack, stealing the personal information of over 185,000 people. If you're a 7-Eleven franchisee, employee, or customer whose data was stored in their systems, here's exactly what you need to do to protect yourself.
What Happened in the 7-Eleven Breach
On April 8, 2026, 7-Eleven discovered that an unauthorized third party had gained access to certain internal systems used to store franchisee documents. The ShinyHunters extortion gang claimed responsibility on April 17, stating they had stolen over 600,000 records containing corporate data and personally identifiable information.
After 7-Eleven refused to pay a ransom, ShinyHunters published a 9.4 GB archive of stolen documents on their dark web leak site. The company began notifying affected individuals via data breach notification letters on May 1, 2026.
What Information Was Exposed
According to breach reports and notifications, the stolen data includes:
- Full names and physical addresses
- Email addresses (approximately 185,000 unique addresses)
- Phone numbers
- Dates of birth
- Social Security numbers (for some individuals)
Critical Risk: Social Security Numbers
If your Social Security number was included in the breach, you face elevated risk of identity theft, tax fraud, and fraudulent credit applications. Take immediate action by freezing your credit at all three bureaus.
Step 1: Determine If You're Affected
7-Eleven sent data breach notification letters to affected individuals beginning May 1, 2026. You may be affected if you are or were:
- A 7-Eleven franchisee or franchise applicant
- An employee whose records were stored in the compromised Salesforce environment
- A vendor or business partner who submitted personal documents
Check your email (including spam folders) for official notifications from 7-Eleven. You can also check haveibeenpwned.com to see if your email address appears in the breach dataset.
Step 2: Freeze Your Credit Immediately
A credit freeze prevents anyone from opening new accounts in your name. Contact all three bureaus:
- Equifax: Call 1-800-685-1111 or visit equifax.com/personal/credit-report-services/credit-freeze
- Experian: Call 1-888-397-3742 or visit experian.com/freeze
- TransUnion: Call 1-888-909-8872 or visit transunion.com/credit-freeze
Credit freezes are free, permanent until you lift them, and take about 10 minutes to set up across all three bureaus.
Step 3: Change Your Passwords
If you have any 7-Eleven accounts (including 7Rewards or the 7NOW delivery app), change your passwords immediately. Also change passwords on any other account where you used the same email and password combination.
Use a password manager to generate strong, unique passwords for each account. Enable two-factor authentication wherever available.
Skip the manual opt-outs
One opt-out won't stop them — brokers relist your data. PrivacyOn removes your info from 100+ sites and keeps it removed.
Start your free scanStep 4: Monitor Your Financial Accounts
Review your bank statements, credit card statements, and credit reports for any unfamiliar activity. Set up transaction alerts with your bank and credit card companies so you're notified of any new charges in real time.
You're entitled to free weekly credit reports from all three bureaus at AnnualCreditReport.com. Check these regularly for accounts you don't recognize.
Step 5: Watch for Follow-Up Scams
After any major breach, scammers often impersonate the breached company in phishing attempts. Be extremely cautious of:
- Emails claiming to be from 7-Eleven asking you to "verify your identity"
- Phone calls from people claiming to be 7-Eleven representatives
- Text messages with links to "check if you're affected"
How to Verify Legitimate Communications
7-Eleven will never ask for your password, Social Security number, or financial information via email or phone. If you receive a suspicious communication, contact 7-Eleven directly through their official website or the number on your franchise agreement.
Step 6: Place a Fraud Alert
If you believe your information has been misused, place a fraud alert with one of the three credit bureaus (they're required to notify the other two). An initial fraud alert lasts one year and requires creditors to take extra steps to verify your identity before opening new accounts.
For victims of confirmed identity theft, an extended fraud alert lasts seven years. You'll need to file an identity theft report with the FTC at IdentityTheft.gov to qualify.
Step 7: File an FTC Report
If you discover any signs of identity theft, file a report at IdentityTheft.gov. This creates an official record and provides you with a personalized recovery plan. The FTC report can also be used as proof when disputing fraudulent accounts with creditors.
Long-Term Protection
Data breaches like the 7-Eleven incident often have lasting consequences. Your stolen information can be sold, traded, and reused for years on the dark web. A service like PrivacyOn can help by continuously monitoring over 100 data broker sites for your personal information and automatically requesting removals when your data appears. This reduces your exposure from both the breach itself and the secondary data broker ecosystem that profits from leaked information.
Combined with dark web monitoring, you'll be alerted if your compromised data surfaces in new contexts, giving you time to act before it's exploited.