According to data breach notification service Have I Been Pwned, the data breach at convenience store chain 7-Eleven affected more than 185,000 people, including their names, dates of birth, and addresses.
A data breach reported in April also included phone numbers and email addresses.
Have I Been Pwned, which collects caches of data breaches and alerts affected individuals that their data has been compromised, said in a new listing that 7-Eleven was the victim of a hacking and extortion attack. The ShinyHunters group accepted responsibility for the breach and said it would release the data unless paid.
Jim Castle, 7-Eleven's chief information security officer, said the hackers gained access to internal servers containing franchisee documents, according to a listing from the Maine Attorney General's Office. Violations also included Social Security numbers and driver's licenses, according to a separate list from the Massachusetts attorney general's office.