Kodak is investigating a cybersecurity incident after hackers gained access to company data, while the ShinyHunters extortion group claims it stole more than 2.2 million records.
Quick Summary – TLDR:
- Kodak confirmed that an unauthorized third party gained temporary access to a limited amount of company data.
- ShinyHunters claims it stole more than 2.2 million records containing customer information and internal corporate data.
- The hacking group has threatened to leak the allegedly stolen data if Kodak does not respond by June 18, 2026.
- Kodak says it has engaged cybersecurity experts and law enforcement while maintaining that its operations remain unaffected.
What Happened?
Kodak has confirmed that it recently detected unauthorized access to some of its data and has launched an investigation into the incident. The company said an outside party gained temporary access to a limited amount of information, though it has not disclosed the full scope of the breach.
Meanwhile, the ShinyHunters extortion group has publicly claimed responsibility for the attack and alleges that it obtained more than 2.2 million records containing customer personally identifiable information and internal company data.
🚨Cyber Alert Update ‼️
— Hackmanac (@H4ckmanac) June 17, 2026
🇺🇸USA – 𝗞𝗼𝗱𝗮𝗸
Kodak confirmed a data breach after unauthorized access to a limited amount of company data. ShinyHunters claimed to have stolen over 2.2 million customer PII and internal corporate records
Threat actor: ShinyHunters
Sector:… pic.twitter.com/vYEAahpftU
Kodak Responds to Security Incident
The historic photography and imaging company said it acted quickly after discovering the intrusion. According to Kodak, external cybersecurity specialists were brought in to determine what information may have been accessed or copied during the incident.
A company spokesperson said:
The company added that it is working closely with law enforcement authorities and currently believes there is no threat to its ongoing systems or business operations.
At this stage, Kodak has not publicly attributed the attack to any specific threat actor. The company has also not confirmed whether attackers gained access to its internal network beyond the affected data.
ShinyHunters Issues Leak Threat
While Kodak continues its investigation, ShinyHunters has posted claims about the breach on its dark web leak site.
The cybercriminal group alleges that it obtained over 2.2 million records that include customer personal information and internal corporate files. To increase pressure on the company, the group issued what it described as a final warning and demanded contact before June 18, 2026.
The group claimed:
As of now, Kodak has not publicly commented on the validity of the claimed record count.
A Familiar Name in Major Cyberattacks
ShinyHunters has become one of the most recognized names in the cybercrime world due to its involvement in multiple large scale data theft campaigns.
Over the past year, the group has claimed attacks affecting hundreds of organizations connected to Salesforce and Salesloft Drift environments. The threat actor has also claimed responsibility for campaigns that allegedly exposed more than 1.5 billion records.
In late 2025, the group linked itself to a data theft incident involving Salesforce information accessed through third party provider Gainsight. At the time, ShinyHunters claimed the breach affected nearly 1,000 victims.
The group has also been associated with attacks involving multiple Snowflake customers and other third party service providers.
More recently, ShinyHunters claimed responsibility for a wave of breaches targeting more than 100 organizations, including the University of Nottingham. The attackers alleged they exploited an Oracle PeopleSoft zero day vulnerability tracked as CVE-2026-35273. The group has also claimed that the same flaw was used to compromise the Council of Europe.
Why This Matters?
The Kodak incident highlights the growing challenge organizations face from modern extortion groups that combine data theft with public leak threats. Even when companies report limited access to systems, attackers often use aggressive claims and deadlines to increase pressure and generate attention.
For customers and partners, the biggest question remains whether sensitive information was actually taken and, if so, how much data may be exposed if the attackers follow through on their threats.
Kodak’s ongoing investigation is expected to provide clearer answers in the coming days.
SQ Magazine Takeaway
I think this story is another reminder that even globally recognized brands with long histories are not immune to today’s cyber threats. What stands out here is the gap between what Kodak has confirmed and what ShinyHunters claims to have stolen. Until the investigation is complete, the true scale of the incident remains uncertain. However, if the alleged 2.2 million records are real, this could become one of the more significant corporate data exposure cases of the year.
