Kodak says it is investigating a cybersecurity incident after the ShinyHunters extortion group claimed to have stolen more than 2.2 million records containing customer personally identifiable information (PII) and internal corporate data.
The company confirmed that an unauthorized party briefly accessed a limited amount of data but has not verified the threat actor's claims regarding the scope of the alleged breach.
The allegation appeared on ShinyHunters' dark web extortion portal, where the group listed Kodak among several newly added victims and published a brief description of the purportedly stolen data. The threat actors alleged that they possess over 2.2 million records containing customer PII and internal corporate information. The group issued a deadline of June 18, 2026, threatening to leak the data if its demands are not met.
When contacted by CyberInsider, Kodak provided the following statement through a company spokesperson:
“Kodak recently discovered that an unauthorized third party illegally gained temporary access to a limited amount of company data. We promptly engaged external cybersecurity experts to support an investigation of what data was accessed and copied. We are working with law enforcement and are confident there is no threat to our systems or operations. We will share additional updates as appropriate.”
Eastman Kodak Company is one of the world's best-known imaging and printing technology firms. Founded in 1888 and headquartered in Rochester, New York, the company provides products and services spanning commercial printing, advanced materials, industrial manufacturing, and imaging technologies. While Kodak is no longer the dominant consumer photography company it once was, it remains a significant player in multiple industrial and enterprise technology sectors.
ShinyHunters is a financially motivated cybercrime group that has been linked to numerous high-profile data theft and extortion campaigns over the past several years. The group typically focuses on obtaining access to corporate systems, exfiltrating sensitive information, and then pressuring organizations to pay ransoms by threatening public disclosure of stolen data.
At this stage, there is no independent confirmation that ShinyHunters possesses the quantity or type of information described in its posting.
Kodak stated that it is working with law enforcement and emphasized that it does not believe the incident poses an ongoing threat to its systems or operations. The company has not announced any service disruptions, operational impacts, or customer notifications related to the event.
Leave a Reply