Eastman Kodak confirms data breach claimed by ShinyHunters
Imaging and materials company Eastman Kodak confirmed that an unauthorised third party temporarily accessed a limited amount of company data, after the ShinyHunters extortion gang listed Kodak on its dark-web leak site and claimed to hold more than 2.2 million records of customer and internal corporate data.
- Victim
- Eastman Kodak
- records
- 2.2M
On 17 June 2026, Eastman Kodak β the 130-year-old Rochester, New York imaging company now focused on commercial print, advanced materials, and chemicals β confirmed a cybersecurity incident after the prolific extortion gang ShinyHunters listed it on the group's dark-web leak site and threatened to publish data it claimed to have stolen.
What happened
ShinyHunters listed Kodak around 15 June 2026, claiming to hold more than 2.2 million records containing customer personally identifiable information (PII) along with internal corporate data, and set a deadline of 18 June 2026 for the company to respond before leaking the material. The 2.2-million figure is the attacker's own claim and has not been independently verified by Kodak or by security researchers.
In a statement, Kodak said an unauthorised third party illegally gained temporary access to a limited amount of company data. The company said it promptly engaged external cybersecurity experts to support an investigation, is working with law enforcement, and is confident there is no threat to its systems or operations. Kodak did not confirm the scope or record count asserted by the attackers.
Why it matters
ShinyHunters has emerged as one of the most active extortion crews of 2025β2026, running a high-volume cadence of "name-and-shame" listings against well-known brands and pressuring victims with public leak deadlines rather than file-encrypting ransomware. The Kodak listing fits that pattern: a recognisable corporate name, an unverified seven-figure record claim, and a short countdown designed to force a quick payment. For Kodak, the immediate exposure is reputational and β if customer PII is genuinely in the stolen set β a potential notification and regulatory burden, even though the company says its operational systems were not affected.
Timeline
The ShinyHunters extortion group lists Eastman Kodak on its dark-web leak site, claiming to have stolen more than 2.2 million records of customer PII and internal corporate data.
Kodak confirms that an unauthorised third party temporarily accessed a limited amount of company data, says it has engaged external cybersecurity experts and is working with law enforcement, and states there is no threat to its systems or operations.
ShinyHunters' stated deadline for Kodak to respond before threatening to publish the allegedly stolen data.
Sources
- bleepingcomputer.comhttps://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/
- securityweek.comhttps://www.securityweek.com/kodak-admits-data-breach-after-shinyhunters-hack-claims/
- malwarebytes.comhttps://www.malwarebytes.com/blog/news/2026/06/kodak-confirms-breach-as-shinyhunters-leak-threat-reaches-deadline
- cybernews.comhttps://cybernews.com/security/shinyhunters-claims-kodak-hack-2-million-records/
- computing.co.ukhttps://www.computing.co.uk/news/2026/security/kodak-confirms-data-breach-shinyhunters