Eastman Kodak Company has acknowledged a security breach in which an unauthorized third party gained illegal, temporary access to a stored collection of company data.
The hacking collective known as ShinyHunters—responsible for previously targeting Canvas, a learning platform operated by Infrastructure—has claimed responsibility for the attack. According to threat intelligence data shared by Malwarebytes, the group asserts it extracted more than 2.2 million records. Reportedly, this dataset contains both personally identifiable information (PII) belonging to customers and confidential internal business data.
Kodak’s Response
ShinyHunters issued a final ultimatum with a deadline of June 18, 2026, warning that if their demands were not satisfied, they would release the entire stolen database publicly and cause additional disruptions to Kodak’s IT systems.
Rather than complying with the ransom request or engaging in negotiations, Kodak refused to pay. Instead, the company focused on containing the breach internally, brought in external cybersecurity experts, and worked closely with law enforcement to investigate the incident—all aligned with its enterprise risk management protocols and federal regulations.
Malwarebytes notes that extortion groups often deploy public countdown clocks and threats of data leaks as intense pressure tactics before the full scope of an incident is understood. Kodak maintains that the breach has already been actively contained and remains limited in impact, posing no continued risk to its current systems or daily operations—despite the fact that ShinyHunters has not yet provided verifiable public evidence supporting its claim of compromising 2.2 million records.
Recommended Next Steps
Even as investigators work to identify exactly who may have been affected, Malwarebytes urges individuals to take swift, proactive measures to safeguard their personal information:
- Update Your Credentials: If you hold an account with Kodak, change your password right away. Also update the password on any other platforms where you may have reused it, to defend against credential-stuffing attacks.
- Enable Multi-Factor Authentication (MFA): Turn on MFA wherever possible for your online accounts. Even if your password is compromised, MFA serves as a critical additional layer of protection.
- Beware of Phishing Attempts: In the aftermath of a corporate data breach, cybercriminals frequently ramp up their efforts. Exercise caution with any emails, text messages, or phone calls referencing the Kodak incident—especially those urging immediate action or requesting you to click suspicious links or share sensitive personal or financial information.
- Consider Placing a Credit Freeze: If you believe your data may have been exposed and could be misused to open fraudulent accounts in your name, one of the most effective precautions is to request a voluntary credit freeze through all three major credit bureaus: Equifax, Experian, and TransUnion.
Looking Ahead
As independent forensic analysts work to reconcile the gap between Kodak’s characterization of a limited exposure and the attackers’ assertion of 2.2 million compromised records, anticipate heightened scrutiny in the coming weeks.
Should the investigation confirm that personal data of affected individuals was indeed exfiltrated, expect to receive formal breach notification letters from Kodak. Meanwhile, organizations relying on Kodak’s commercial or enterprise services should remain on high alert for highly targeted phishing campaigns leveraging leaked corporate details—as threat actors increasingly shift their focus away from traditional ransomware encryption toward pure data extortion strategies.
Author References:
About the Author
Carmen Estela serves as a Cybersecurity Research Analyst at Cyber Defense Magazine and is a candidate for the Women in Cybersecurity Award. She recently earned her Master of Science degree from the University of Central Florida and holds a Bachelor’s degree in Criminology from the University of Florida, complemented by certifications in Data Analytics and AI Fundamentals & Applications. Carmen is an active speaker and volunteer at prominent industry events including BSides Orlando and BSides Jax, where she shares insights on emerging cyber threats. She is dedicated to raising the bar in cybersecurity governance, risk management, and compliance. Her professional background also includes roles as an adult protective investigator, police dispatcher, and legal intern, giving her cross-sector investigative experience spanning law enforcement, academia, and public service.
Reach her online at [email protected].
