Oracle, Salesforce and Eastman Kodak Company: Kodak confirms data breach claimed by ShinyHunters extortion gang

Oracle, Salesforce and Eastman Kodak Company: Kodak confirms data breach claimed by ShinyHunters extortion gang

Kodak Investigates Data Breach as ShinyHunters Claims Responsibility

Eastman Kodak Company, the 144-year-old imaging and materials giant headquartered in Rochester, New York, has confirmed a security breach after unauthorized access to a portion of its data. A company spokesperson told BleepingComputer that the incident involved only a "limited amount" of data, though Kodak did not specify whether the attackers breached its internal network.

Kodak has engaged external cybersecurity experts to investigate the scope of the breach and is collaborating with law enforcement. The company stated it has found no evidence of ongoing threats to its systems or operations but has not yet attributed the attack.

The ShinyHunters extortion group has claimed responsibility, alleging the theft of over 2.2 million records containing customer personally identifiable information (PII) and internal corporate data. The group threatened to leak the data by June 18, 2026, unless Kodak engaged with them. Their dark web leak site listed the breach alongside other recent high-profile attacks.

ShinyHunters has been linked to multiple large-scale breaches, including attacks on Salesforce customers (allegedly stealing 1.5 billion records) and Snowflake clients in the past year. Just last week, the group claimed responsibility for breaches at over 100 organizations, including the University of Nottingham, exploiting a zero-day flaw in Oracle’s PeopleSoft software.

Kodak has not disclosed how the attackers gained access, and the investigation remains ongoing.

Source: https://www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/

Salesforce cybersecurity rating report: https://www.rankiteo.com/company/salesforce

Oracle cybersecurity rating report: https://www.rankiteo.com/company/oracle

Eastman Kodak Company cybersecurity rating report: https://www.rankiteo.com/company/eastman-kodak

"id": "SALORAEAS1781684937",
"linkid": "salesforce, oracle, eastman-kodak",
"type": "Vulnerability",
"date": "5/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Imaging and Materials',
                        'location': 'Rochester, New York',
                        'name': 'Eastman Kodak Company',
                        'type': 'Corporation'}],
 'data_breach': {'data_exfiltration': 'Alleged',
                 'number_of_records_exposed': 'Over 2.2 million',
                 'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Customer PII',
                                              'Internal corporate data']},
 'description': 'Eastman Kodak Company confirmed a security breach after '
                'unauthorized access to a portion of its data. The '
                'ShinyHunters extortion group claimed responsibility, alleging '
                'the theft of over 2.2 million records containing customer PII '
                'and internal corporate data.',
 'impact': {'data_compromised': 'Over 2.2 million records',
            'identity_theft_risk': 'High'},
 'investigation_status': 'Ongoing',
 'motivation': 'Extortion',
 'references': [{'source': 'BleepingComputer'}],
 'response': {'law_enforcement_notified': 'Yes',
              'third_party_assistance': 'External cybersecurity experts'},
 'threat_actor': 'ShinyHunters',
 'title': 'Kodak Data Breach Investigation',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.