The ransomware group ShinyHunters claimed Monday to have seized more than 2.2 million customer and corporate records from Eastman Kodak, giving the upstate New York imaging technology company two days to respond before it threatens to release the stolen data publicly.
ShinyHunters posted Kodak to its dark web victim blog alongside what it described as a final warning. “This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that’ll come your way,” the group stated. The gang alleged it exfiltrated “over 2.2 million records containing customer PII and other internal corporate data,” though it has not released any sample files or other evidence to substantiate the claim. Kodak has not publicly acknowledged any breach of its networks.
Founded nearly 150 years ago, Kodak filed for bankruptcy in 2012 and has since restructured into a primarily business-to-business technology and manufacturing company. Its current operations span commercial digital printing, motion picture and still film production, advanced chemical manufacturing for pharmaceuticals and batteries, and brand licensing.
Monday’s alleged Kodak breach is part of a widening campaign by ShinyHunters that has swept through hundreds of high-profile corporate targets since last September, with the majority of victims linked to a global operation exploiting misconfigured Salesforce instances tied to more than 1.5 million records. The group has also been targeting a critical zero-day vulnerability in Oracle PeopleSoft software as part of its most recent June hacking spree.
Other victims claimed by ShinyHunters on Monday alone included Sysco Corporation, the U.S. food distribution giant, from which the gang allegedly stole more than 61 million Salesforce records, and Houston City College in Texas, where hundreds of thousands of student records were purportedly compromised.
In the past week, the group also claimed a theft of 26 million customer and corporate records from Madison Square Garden, a breach of fashion brand Ralph Lauren involving 220 gigabytes of customer personal information and transaction data, and the compromise of “hundreds of thousands of records” from department store chain JCPenney, allegedly including Social Security numbers, W-2 tax forms, and government identification scans.
Click Here For The Original Source.
