The ShinyHunters gang on Monday claims it has stolen more than 2.2 million customer and corporate records from Eastman Kodak, targeting the American photography giant as part of its latest “pay or leak” ransomware campaign.
-
ShinyHunters claims it stole more than 2.2 million customer and corporate records from Eastman Kodak.
-
The gang has warned Kodak to reach out by June 18th or face a public data leak and “digital” problems.
-
The claim comes as ShinyHunters continues naming major brands in a wave of extortion attacks.
Kodak added to leak site
The upstate New York-based imaging technology company was posted on the ShinyHunters leak site, along with a final warning to reach out to the prolific ransomware group within two days or risk having its sensitive data leaked publicly.
“This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that'll come your way," Shiny Hunters writes.
No proof posted yet
ShinyHunters alleges it exfiltrated “over 2.2 million records containing customer PII and other internal corporate data,” although it has not posted any proof samples to back up its massive claim.
To note, Kodak has not publicly acknowledged any breach of its networks in recent weeks.
The nearly 150-year-old company, which has undergone a complete restructuring since filing for bankruptcy in 2012, has morphed into a primarily business-to-business (B2B) technology and manufacturing corporation.
Its core offerings include commercial digital printing, manufacturing motion picture and still film, producing advanced chemicals for pharmaceuticals and batteries, and licensing its own brand.
Cybernews has contacted Kodak for a statement, and will update the story with any new information if we receive a response.
ShinyHunters keeps on rolling
ShinyHunters has been steamrolling through the names of hundreds of high-profile corporate victims since last September, the majority connected to a worldwide campaign exploiting more than 1.5 million records tied to misconfigured Salesforce instances.
The cybercriminal cartel has also kept busy executing its most recent June hacking spree targeting a critical zero-day vulnerability in Oracle PeopleSoft software.
Big names claimed in the past week alone include Madison Square Garden and a theft of 26 million customer and corporate records, a breach of fashion house Ralph Lauren involving 220 GB of customer PII and transaction information, as well as “hundreds of thousands of records” containing Social Security numbers, W-2 tax forms, and government ID scans from the American department store chain JCPenney.
Also appearing on the gang's dark victim blog on Monday were Sysco Corporation, with more than 61 million Salesforce records allegedly stolen from the US food distributor, and Houston City College in Texas, with hundreds of thousands of student records purportedly compromised.
Check if your data has been leaked
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked