Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records

One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham) following data-theft attacks that exploited a zero-day flaw in Oracle’s PeopleSoft enterprise business software suite. “This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that’ll come your way.” Although Kodak has yet to disclose how the threat actors gained access to its systems, ShinyHunters has also claimed attacks against hundreds of Salesforce customers over the past year, saying they’ve stolen over 1.5 billion records in Salesforce Aura and Salesloft Drift campaigns.

The Breach

A company spokesperson told BleepingComputer that attackers only accessed a “limited amount” of data in the incident, but didn’t reply to a subsequent email asking if they breached Kodak’s internal network.

Further details indicate that we will share additional updates as appropriate.” While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site.

Kodak has confirmed that it’s working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company’s data.

We are working with law enforcement and are confident there is no threat to our systems or operations.” ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.

” of data in the incident, but didn’t reply to a subsequent email asking if they breached Kodak’s internal network. ”, Spokesperson

Affected Data & Victims

Founded in 1880 as the Eastman Kodak Company and headquartered in Rochester, New York, Kodak has 79,000 worldwide patents and provides commercial print, advanced materials, and chemical products. One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham) following data-theft attacks that exploited a zero-day flaw in Oracle’s PeopleSoft enterprise business software suite. We are working with law enforcement and are confident there is no threat to our systems or operations.” ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.

“Over 2.2 million records containing customer PIl and other internal corporate data was compromised,” they said.

Cyber Alert Update USA, 𝗞𝗼𝗱𝗮𝗸Kodak confirmed a data breach after unauthorized access to a limited amount of company data.

In 2026 alone, the group has claimed responsibility for breaches at Instructure Canvas affecting up to 9,000 educational institutions, Charter Communications (42 million alleged records), and Oracle PeopleSoft customers across more than 100 organizations.

What Victims Should Do

1. We will share additional updates as appropriate.” While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site.

2. Cyber Alert Update USA, 𝗞𝗼𝗱𝗮𝗸Kodak confirmed a data breach after unauthorized access to a limited amount of company data.

3. The investigation remains ongoing, and Kodak has committed to providing additional updates as circumstances develop.

Analysis

As AI tooling proliferates, security teams face expanding attack surfaces tied to model inference and data pipelines.

Sources

1. https://www.oracle.com/security-alerts/alert-cve-2026-35273.html