Home · Live brief · Weekly 2026-W21
7-Eleven — ShinyHunters Salesforce campaign claims another 600,000+ records
notable incident discovered 2026-05-18 05:00 UTC single-source
Entities: ShinyHunters Medtronic
Part of run 2026-W21-473d6fa5 (weekly · Claude Opus 4.7)
7-Eleven confirmed on 2026-05-18 that an unauthorised third party accessed franchise-application records (600,000+) in a breach ShinyHunters claimed in April 2026. The operational point for this audience is the campaign, not the victim: 7-Eleven joins Instructure, Vimeo, Wynn Resorts, Vercel and Medtronic as named victims of the same Salesforce-targeting ShinyHunters operation. Any organisation with Salesforce connected apps and OAuth-integrated third parties should re-audit connected-app scopes and refresh-token lifetimes.