7-Eleven has confirmed that its internal systems were breached in April 2026, exposing personal information linked to franchisee application records. The disclosure of 7-Eleven data breach comes weeks after the ShinyHunters ransomware group listed the retailer as part of its latest “pay-or-leak” extortion campaign.

The company has started notifying affected individuals through a formal “Notice of Security Incident,” according to a filing submitted to the Maine Attorney General’s Office on May 15.

In the notification letter, 7-Eleven stated that it discovered the breach on April 8, 2026, after an unauthorized third party gained access to systems used to store franchisee documents.

The comp...