Kodak Confirms Data Breach by ShinyHunters Extortion Group

Post Views: 11

Kodak is investigating a cybersecurity breach attributed to the ShinyHunters group, which claims to have stolen over 2.2 million records.

Kodak’s Cybersecurity Incident

Kodak has engaged external cybersecurity professionals to investigate a security incident involving unauthorized access to select company data. The corporation, established in 1880 and based in Rochester, New York, holds 79,000 global patents and operates in commercial printing, advanced materials, and chemical product manufacturing. A corporate representative confirmed that attackers accessed a “limited quantity” of information but did not specify whether internal networks were compromised. The company stated that an unauthorized entity temporarily accessed restricted data and immediately initiated an investigation with outside experts. Kodak emphasized collaboration with law enforcement and asserted that no risks to operational systems or infrastructure have been identified. Updates will be provided as necessary.

Company Statement and Investigation

Kodak confirmed the breach but did not disclose the method of initial compromise. The company is working with external experts to address the incident and has not identified risks to its operational systems or infrastructure.

ShinyHunters’ Claims and Stolen Data

The ShinyHunters cybercriminal group has asserted responsibility for the incident on their dark web data leak platform. According to the gang, they obtained over 2.2 million records containing customer personally identifiable information and internal corporate data, threatening to release the stolen information by June 18, 2026. The group warned of “numerous digital complications” if contact is not made by the deadline.

“We obtained over 2.2 million records containing customer personally identifiable information and internal corporate data,” said ShinyHunters. “If contact is not made by June 18, 2026, we will release the stolen information.”

Previous Attacks by ShinyHunters

The group has previously claimed attacks on hundreds of Salesforce users, alleging the theft of 1.5 billion records from Salesforce Aura and Salesloft Drift campaigns. The group has also been associated with breaches at multiple Snowflake clients and other third-party service providers. A week prior, ShinyHunters claimed involvement in data-theft operations targeting over 100 organizations, including the University of Nottingham, leveraging a zero-day vulnerability in Oracle’s PeopleSoft enterprise software.

Breach Patterns and Supply Chain Risks

The breach details align with broader patterns of the group’s activities, which frequently involve exploiting third-party systems to access sensitive data. No specific technical indicators of compromise have been publicly disclosed by Kodak at this time.

Security Challenges and Proactive Measures

The incident underscores ongoing challenges in securing enterprise environments, as threat actors increasingly target supply chains and cloud-based platforms. Security teams report that 54% of successful breaches go undetected until after significant damage occurs, with only 14% of attacks triggering timely alerts. Proactive measures, including continuous threat simulation and infrastructure hardening, remain critical to mitigating risks.

Breach Statistics and Detection Rates

54% of breaches remain undetected until significant damage occurs, while only 14% trigger timely alerts. This highlights the need for advanced security strategies to prevent future incidents.