Eastman Kodak has confirmed a cybersecurity incident after the ShinyHunters extortion group posted a threat on its dark web leak site, claiming to have stolen over 2.2 million records containing customer personally identifiable information (PII) and internal corporate data.
The imaging technology giant acknowledged that an unauthorized third party briefly accessed “a limited amount” of company data, though the company has not independently verified the full scope of the threat actor’s claims.
The breach was first observed on June 15, 2026, when ShinyHunters, one of the most prolific cybercrime and extortion groups currently active, listed Kodak on its dark web site.
Cyber Alert Update
USA – 𝗞𝗼𝗱𝗮𝗸
Kodak confirmed a data breach after unauthorized access to a limited amount of company data. ShinyHunters claimed to have stolen over 2.2 million customer PII and internal corporate records
Threat actor: ShinyHunters
Sector:… pic.twitter.com/vYEAahpftU— Hackmanac (@H4ckmanac) June 17, 2026
The group issued a “final warning” demanding the company make contact by June 18, 2026, or face a public leak of the exfiltrated data along with what they described as additional “annoying (digital) problems.”
In a statement provided to the media, Kodak said: “Kodak recently discovered that an unauthorized third party illegally gained temporary access to a limited amount of company data. We promptly engaged external cybersecurity experts to support an investigation of what data was accessed and copied. We are working with law enforcement and are confident there is no threat to our systems or operations.”
ShinyHunters is a well-documented cybercriminal syndicate with a history of large-scale data theft and extortion campaigns targeting organizations across multiple sectors.
In 2026 alone, the group has claimed responsibility for breaches at Instructure Canvas affecting up to 9,000 educational institutions, Charter Communications (42 million alleged records), and Oracle PeopleSoft customers across more than 100 organizations.
The group typically operates via social engineering and vishing attacks to compromise employee credentials before exfiltrating sensitive data. ShinyHunters has not published any proof samples to validate the scale of the Kodak breach claim.
Kodak has not disclosed which categories of customer PII were accessed, nor has it confirmed whether any formal breach notification obligations have been triggered under applicable data protection regulations. No service disruptions or operational impacts have been reported as of this writing.
The investigation remains ongoing, and Kodak has committed to providing additional updates as circumstances develop.
CISO & Security Leaders: Your next breach may not have a face. Join ISC2’s LIVE webinar, “Ghost in the Machine”
The post Kodak Confirms Data Breach Following ShinyHunters’ Claim of Stolen Customer Records appeared first on Cyber Security News.
