Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records
Key Facts
- One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham) following data-theft attacks that exploited a zero-day flaw in Oracle's PeopleSoft enterprise business software suite.
- "This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that'll come your way." Although Kodak has yet to disclose how the threat actors gained access to its systems, ShinyHunters has also claimed attacks against hundreds of Salesforce customers over the past year, saying they've stolen over 1.5 billion records in Salesforce Aura and Salesloft Drift campaigns.
- A company spokesperson told BleepingComputer that attackers only accessed a "limited amount" of data in the incident, but didn't reply to a subsequent email asking if they breached Kodak's internal network.
- We will share additional updates as appropriate." While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site.
- Kodak has confirmed that it's working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company's data.
- We are working with law enforcement and are confident there is no threat to our systems or operations.” ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.
- "Over 2.2 million records containing customer PIl and other internal corporate data was compromised," they said.
- Cyber Alert Update USA – 𝗞𝗼𝗱𝗮𝗸Kodak confirmed a data breach after unauthorized access to a limited amount of company data.
- In 2026 alone, the group has claimed responsibility for breaches at Instructure Canvas affecting up to 9,000 educational institutions, Charter Communications (42 million alleged records), and Oracle PeopleSoft customers across more than 100 organizations.
- Eastman Kodak has confirmed a cybersecurity incident after the ShinyHunters extortion group posted a threat on its dark web leak site, claiming to have stolen over 2.2 million records containing customer personally identifiable information (PII) and internal corporate data.
One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham) following data-theft attacks that exploited a zero-day flaw in Oracle’s PeopleSoft enterprise business software suite. “This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that’ll come your way.” Although Kodak has yet to disclose how the threat actors gained access to its systems, ShinyHunters has also claimed attacks against hundreds of Salesforce customers over the past year, saying they’ve stolen over 1.5 billion records in Salesforce Aura and Salesloft Drift campaigns.
The Breach
A company spokesperson told BleepingComputer that attackers only accessed a “limited amount” of data in the incident, but didn’t reply to a subsequent email asking if they breached Kodak’s internal network.
Further details indicate that we will share additional updates as appropriate.” While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site.
Kodak has confirmed that it’s working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company’s data.
We are working with law enforcement and are confident there is no threat to our systems or operations.” ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.
” of data in the incident, but didn’t reply to a subsequent email asking if they breached Kodak’s internal network. ”, Spokesperson
Affected Data & Victims
Founded in 1880 as the Eastman Kodak Company and headquartered in Rochester, New York, Kodak has 79,000 worldwide patents and provides commercial print, advanced materials, and chemical products. One week ago, the extortion group also claimed responsibility for a new series of breaches at over 100 organizations(including the University of Nottingham) following data-theft attacks that exploited a zero-day flaw in Oracle’s PeopleSoft enterprise business software suite. We are working with law enforcement and are confident there is no threat to our systems or operations.” ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.
“Over 2.2 million records containing customer PIl and other internal corporate data was compromised,” they said.
Cyber Alert Update USA, 𝗞𝗼𝗱𝗮𝗸Kodak confirmed a data breach after unauthorized access to a limited amount of company data.
In 2026 alone, the group has claimed responsibility for breaches at Instructure Canvas affecting up to 9,000 educational institutions, Charter Communications (42 million alleged records), and Oracle PeopleSoft customers across more than 100 organizations.
What Victims Should Do
-
We will share additional updates as appropriate.” While the company has yet to attribute this breach, the ShinyHunters extortion group has claimed responsibility on their dark web leak site.
-
Cyber Alert Update USA, 𝗞𝗼𝗱𝗮𝗸Kodak confirmed a data breach after unauthorized access to a limited amount of company data.
-
The investigation remains ongoing, and Kodak has committed to providing additional updates as circumstances develop.
Analysis
As AI tooling proliferates, security teams face expanding attack surfaces tied to model inference and data pipelines.
Sources
Sources & References
- Oracle Security Alert Advisory - CVE-2026-35273. Primary vendor advisory. https://www.oracle.com/security-alerts/alert-cve-2026-35273.html
SecurityXP delivers daily cybersecurity news, vulnerability analysis, data breach reports, and threat intelligence.
Security Digest
Get the latest cybersecurity news, vulnerability alerts, and threat intelligence delivered to your inbox.
Related Articles
Klue OAuth breach victim list grows as Icarus hackers claim attack Data Breach
Market intelligence platform Klue has publicly confirmed a recent security incident that allowed threat actors to steal OAuth tokens used to connect to...
Data BreachesChinese hackers breach REDCap servers, steal medical research Data Breach
"Their research areas span a broad spectrum of modern medicine, from molecular discovery and clinical drug trials to state-level public health policy and...
Data BreachesTexas Parks & Wildlife Data Breach Affects 3 Million Individuals
Related: Data Breaches at Healthcare Organizations in Illinois and Texas Affect 600,000 Related: 377,000 Impacted by Data Breach at Texas Gas Station Firm...
Data BreachesMajor Data Breach Warning Issued for 3 Million in Texas: What To Know
Major Data Breach Warning Issued for 3 Million in Texas: What To Know...