Kodak Confirms Breach After ShinyHunters Lists 2.2 Million Records
Kodak's breach admission follows ShinyHunters' claim of 2.2 million records and a ransom deadline. Official containment statements conflict with the group's prior scale of operations against legacy enterprise software. Pattern of delayed, scope-minimizing disclosures continues across multiple victims.
Kodak stated the intrusion was limited in scope and contained after external forensics review. The company notified law enforcement but provided no timeline for full incident report or affected record categories. This matches a recurring pattern where vendors issue containment language before data volume is independently verified.
ShinyHunters previously exploited an Oracle PeopleSoft zero-day to hit over 100 organizations. Procurement records show Kodak runs legacy ERP instances with extended support contracts, creating persistent exposure windows that align with the group's targeting profile.
The discrepancy between Kodak's 'limited' assessment and the claimed 2.2 million records suggests either incomplete telemetry or deliberate minimization. Similar statements preceded confirmed leaks at other ShinyHunters victims within 72 hours of public claims.
Next indicators will be whether the dataset appears on known leak forums by June 19 or if additional victims surface through the same PeopleSoft vector.
ShinyHunters: Full Kodak dataset posted on leak forum by June 19 absent confirmed payment.
Sources (2)
- [1]Primary Source(https://www.securityweek.com/kodak-admits-data-breach-after-shinyhunters-hack-claims/)
- [2]Supporting Source(https://www.bleepingcomputer.com/news/security/shinyhunters-hackers-claim-to-have-hacked-100-companies-via-oracle-peoplesoft/)