ShellCodeX Breach Report
7-Eleven Data Breach
7-eleven.com
Verified breach
Accounts exposed
185,256
Breach date
08 Apr 2026
Added to tracker
24 May 2026
Data classes
5
What happened
In April 2026, 7-Eleven was the victim of a "pay or leak" extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone numbers. A small number of records also contained additional exposed data fields. The company later advised the breach was limited to "certain 7-Eleven systems used to store franchisee documents", a statement consistent with the exposed data.
Exposed data
Dates of birth
Email addresses
Names
Phone numbers
Physical addresses
Recommended actions
- Watch for targeted phishing emails referencing 7-Eleven โ attackers weaponise breach data quickly.
- Stay alert for smishing (SMS phishing) and SIM-swap attempts using your phone number.
- Exposed identity data raises identity-theft risk โ consider credit monitoring or a credit freeze.
- Check whether your email address appears in this breach on haveibeenpwned.com.
Am I affected?
Check whether your email address appears in this breach.
Check on HIBP