Kodak breach investigation and **ShinyHunters** leak threat

An unauthorized third party accessed a limited amount of Kodak company data, and **ShinyHunters** later claimed it stole **over 2.2 million records** containing customer PII and internal corporate data. The activity has moved from breach disclosure to a public leak threat, with the attacker saying the data would be published on **18 June 2026** unless contacted before then. Available material confirms Kodak is investigating unauthorized access, but the size and contents of the claimed stolen dataset have not been independently verified. Kodak said it brought in external cybersecurity experts and law enforcement to determine what was accessed and copied. The company also said there is no threat to its systems or operations, which narrows confirmed fallout so far to potential confidentiality exposure rather than stated business disruption. The reported data categories raise follow-on risks such as identity abuse and exposure of internal business information if the material is released. Immediate defender focus is on validating what data left the environment, monitoring for publication or resale of Kodak data, and preparing notifications or containment steps if the leak claim materializes. The initial access path, the exact scope of copied data, and whether the attacker actually holds the full claimed dataset remain unknown in available evidence.