Back to news
Cybersecurity Alert
June 18, 2026 by EmailMeNow IT Consulting

Kodak Confirms Data Breach as ShinyHunters Leak Deadline Passes

Eastman Kodak confirmed a limited data breach after ShinyHunters claimed 2.2 million records. An independent audit of kodak.com scores 70% overall on email and domain security.

Source: Malwarebytes / BleepingComputer / SecurityWeek

Data BreachShinyHuntersExtortionCybersecurityCustomer PII
Kodak data breach confirmed after ShinyHunters extortion deadline

Eastman Kodak Company confirmed it is investigating a data breach after the ShinyHunters extortion group claimed responsibility and threatened to publish stolen data unless the company responded by June 18, 2026, according to Malwarebytes, BleepingComputer, and SecurityWeek.

Kodak told reporters the incident involved a limited amount of company data, was contained, and did not pose a threat to its systems or operations. The company engaged external cybersecurity experts and notified law enforcement.

What ShinyHunters Claimed

The group posted on its leak site that it stole more than 2.2 million records containing customer PII and internal corporate data, warning:

“This is a final warning to reach out by 18 June 2026 before we leak along with several annoying (digital) problems that’ll come your way.”

As with other recent ShinyHunters campaigns, attackers did not publicly provide proof files at the time of the threat — a common extortion tactic to apply pressure before full facts are known.

Illustration: dark web leak site countdown threatening public data release after extortion deadline

Investigation Still Underway

It is not yet clear how attackers gained access. ShinyHunters is known for social engineering, insider bribery, and supply-chain exploitation — not solely traditional ransomware encryption.

Kodak’s investigation continues to determine who was affected and exactly what information was accessed.

Illustration: executive receiving encrypted extortion demand with ransom deadline and threat of public data leak

Independent Cybersecurity Audit

An EmailMeNow Cybersecurity Audit of kodak.com on June 19, 2026 scored the company’s primary domain at 70% (Good) — adequate for basic email authentication on paper, but not evidence that customer PII was protected everywhere attackers may have moved laterally.

DomainOverallRisk Level
Eastman Kodak (kodak.com)70%Good

ShinyHunters frequently combines social engineering, insider coercion, and supply-chain access — paths that bypass a solid public website score. Customers should still rotate passwords and watch for phishing regardless of the headline percentage.

Audit link: kodak.com audit

What Customers and Businesses Should Do

Malwarebytes and security researchers recommend practical steps while Kodak completes its analysis:

  • Change Kodak account passwords and avoid reusing them elsewhere.
  • Enable multi-factor authentication (MFA) on every account that supports it.
  • Consider a credit freeze with Equifax, Experian, and TransUnion if PII may be involved.
  • Watch for phishing emails referencing the Kodak breach — criminals exploit breach confusion with fake “support” messages.
  • Monitor Kodak’s official website for customer notifications rather than trusting unsolicited links.

Illustration: attacker viewing stolen customer records in a cloud CRM dashboard via compromised API tokens

Broader Pattern: Steal-and-Leak Extortion

Kodak joins a growing June 2026 list of ShinyHunters victims alongside Madison Square Garden and alleged targets such as One Medical.

For Texas businesses — including retailers, manufacturers, and professional services firms — the lesson is consistent: extortion deadlines are marketing events. Assume data may leak even when a company describes the scope as “limited.”

Review public breach monitoring resources and ransomware tracker guidance to watch leak sites before regulatory filings appear.


Reduce exposure to extortion and phishing after public breaches.

Run a free Instant Cybersecurity Audit at audit.emailmenow.com or contact EmailMeNow IT Consulting for security awareness training and email authentication (SPF, DKIM, DMARC).


Source: Malwarebytes — Kodak confirms breach as ShinyHunters’ leak threat reaches deadline · EmailMeNow audit — kodak.com