7-Eleven fuel app was targeted in a data breach last week, exposing users’ personal information. For a period of time allowed users to see personal information of other users. This app is used by drivers to find the best gas prices around the five closest 7-Eleven stores to the user’s real-time location. The popular fuel app has been downloaded over two million times since its launch a few years ago.
The data breach was first discovered when a customer reported to 7-Eleven that he was able to access the personal information of other users. After logging into the app, he discovered that he was able to see another user’s data. He was able to see information like names, cell phone numbers, date of birth, and email addresses. The customer logged in and out of his account a number of times and found that the same issue kept occurring. This is when he informed 7-Eleven, who later shut down the app for some time.
A 7-Eleven spokesperson stated:
“The 7-Eleven Fuel App experienced a technical issue. The issue has been resolved, and the 7-Eleven Fuel App is now online for all customers. We are continuing to investigate and have informed the relevant authorities”
The spokesperson did not answer questions about the breach but did say the matter was under investigation. However, the spokesperson did say “We can confirm we have been notified about a potential data breach involving 7-Eleven”.
This is the second incident at 7-Eleven this year. In July 7-Eleven Japan had to suspend its 7Pay app when a third-party charged almost 900 customer accounts for fraudulent transactions amounting to $500,000. This breach was also discovered by a customer, who called 7-Eleven about an unauthorized transaction.
Although investigations are ongoing it is crucial that anyone who has downloaded the app should change their password. This is exceptionally important if you are reusing passwords across multiple platforms, such as credit card or banking applications.
Contact LIFARS immediately
If Your Organization was hit with a Data Breach