Eastman Kodak, the iconic American photography and imaging company, has confirmed a cybersecurity incident after the ShinyHunters hacking group claimed to have breached the organization. In a statement provided to SecurityWeek, Kodak said it believes there is no ongoing threat to its systems or operations as a result of the incident.
ShinyHunters Claims the Breach
ShinyHunters, a prolific cybercrime group with a long history of high-volume data theft campaigns, publicly claimed responsibility for compromising Kodak's systems. The group, which has been linked to dozens of major breaches over the past several years, has previously targeted organizations across retail, technology, financial services, and media sectors — often offering stolen data for sale on dark web forums.
While the specific contents and scope of the stolen data have not been fully disclosed, ShinyHunters' claims prompted Kodak to acknowledge the incident publicly.
Kodak's Response
Kodak confirmed the breach in a measured statement, asserting that its investigation indicates no material threat to ongoing business operations. This language mirrors responses from other organizations that have been targeted — acknowledging the incident while seeking to limit reputational and market impact.
The company did not immediately specify:
- What categories of data were accessed (customer, employee, or operational data)
- The number of individuals potentially affected
- The timeline of the intrusion
- Whether law enforcement has been notified
The incident is still under investigation, and further disclosures may follow as the company completes its forensic review.
ShinyHunters: A Persistent Threat
ShinyHunters has been one of the most active cybercrime groups of the past several years. The group rose to notoriety around 2020 and has since been linked to breaches at companies including:
- AT&T — 73 million records exposed
- Ticketmaster — 560 million records in the Snowflake-linked breach
- Santander — 30 million customers affected
- 7-Eleven — confirmed breach in 2026
- Medtronic — 9 million records claimed
- ADT — 55 million records affected
The group typically exfiltrates customer databases and either sells the data on cybercrime forums or extorts the target organization. In recent campaigns, ShinyHunters has also been linked to exploitation of third-party vendor access and OAuth token abuse.
Kodak's Cybersecurity Context
Kodak has undergone significant transformation over the past decade, pivoting from its consumer photography roots toward commercial printing, materials science, and advanced materials. While the company's operational footprint is smaller than its peak-film-era days, it still maintains customer records, intellectual property related to chemical formulations, and commercial printing contracts that represent sensitive data.
The breach serves as a reminder that no sector is immune to ShinyHunters' campaigns. The group has demonstrated a willingness to target organizations across industries regardless of size, leveraging credential theft, third-party access, and cloud misconfiguration as common entry vectors.
Recommendations
Organizations that may have had business relationships with Kodak — particularly partners with shared portal access or integrated supply chain systems — should monitor for any suspicious activity and consider reviewing access controls.
Individuals who have had commercial dealings with Kodak should remain vigilant for phishing attempts, especially those referencing Kodak business relationships or account information.
Source: SecurityWeek