The data breach suffered by comfort retailer chain large 7-Eleven in mid-April probably impacts simply over 185,000, breach notification web site HaveIBeenPwned studies.
The incident, 7-Eleven mentioned in a data breach discover filed with the Maine Lawyer Normal’s Workplace earlier this month, occurred on April 8 and concerned techniques containing franchise paperwork.
7-Eleven mentioned that non-public data similar to names and addresses was probably stolen within the assault, however didn’t disclose the variety of doubtlessly affected people.
In mid-April, the notorious extortion group ShinyHunters listed 7-Eleven on its leak web site, claiming to have stolen 600,000 Salesforce information, and demanding a ransom to be paid by April 21. The group later supplied the information on the market on a Russian hacking discussion board.
The allegedly stolen knowledge has since been revealed on-line and added to HaveIBeenPwned, which parsed the dataset and analyzed it.
In response to the web site, the leaked data is in line with 7-Eleven’s assertion on the incident and contains names, addresses, e mail addresses, and dates of start.
The incident, HaveIBeenPwned says, seems to have an effect on roughly 185,300 people. For a small subset, extra knowledge fields had been compromised as properly.
Over the previous yr, ShinyHunters has been concentrating on the Salesforce cases of main organizations, primarily by phishing, third-party integrations, and misconfigurations.
Following a February alert from Mandiant about escalating ShinyHunters-branded exercise, the hacking group claimed duty for assaults in opposition to Instructure, Vimeo, Wynn Resorts, Vercel, and Medtronic.
