The ShinyHunters extortion group claims it has breached imaging giant Kodak and stolen more than 2.2 million customer records, threatening to publish the data if its demands are not met.
According to the hackers, the alleged dataset contains customer information and internal company data collected over multiple years. The group posted Kodak on its dark web leak site this week, claiming responsibility for the intrusion and warning that the stolen information could be released publicly.
At the center of the incident is the alleged exposure of approximately 2.2 million records. While the full contents of the dataset have not been independently verified, ShinyHunters claims the files contain personally identifiable information and corporate data. As of now, Kodak has not publicly confirmed that a breach occurred or verified the authenticity of the claims.
The allegations follow a string of high-profile attacks linked to ShinyHunters throughout 2026. The group has repeatedly targeted major organizations, often stealing large volumes of data and using public leak threats to pressure victims into negotiations. Recent victims claimed by the gang include companies in the technology, telecommunications, education, retail, and financial sectors.
Unlike traditional ransomware attacks that focus on encrypting systems, ShinyHunters increasingly relies on data theft and extortion. The group’s typical strategy involves exfiltrating sensitive information, threatening public disclosure, and demanding payment in exchange for deleting the stolen files.
If confirmed, the Kodak incident would rank among the larger breach claims attributed to the group this year. However, cybersecurity researchers caution that dark web extortion posts do not automatically prove a successful compromise. Threat actors sometimes exaggerate the scale of incidents or recycle previously leaked information to increase pressure on targeted organizations.
For now, the existence, scope, and contents of the alleged Kodak breach remain unverified. Additional details are expected to emerge as researchers examine the claims and Kodak determines whether any systems or customer information were affected.