7-Eleven, Inc. has learned that federal authorities in New Jersey have indicted individuals for the theft of credit and debit card numbers in a computer hacking scheme targeting multiple retailers in a number of separate incidents over the last several years.
The company became aware in late 2007 that a security breach had occurred. The affected transactions were limited to customers’ use of certain ATMs, owned and operated by a third party, located in 7-Eleven stores over a 12-day period from October 28, 2007, through November 8, 2007. Steps were immediately taken to contain the security breach and prevent any recurrence.
Upon being notified of the breach, the card companies in accordance with their standard fraud response procedures then alerted the issuing financial institutions regarding the security breach. Each financial institution made its own decision about what appropriate actions to take, including the issuance of new cards or putting card numbers on alert for fraud. These remedial measures were taken in late 2007 and early 2008.
7-Eleven would like to thank the federal authorities for their diligence in pursuing the perpetrators of this crime. Because this matter is pending, we are not providing further details.