ctipilot.ch

Home · Live brief · Daily brief 2026-06-20

Kodak confirms breach after ShinyHunters leak-site listing; June 18 deadline passed without publication

notable incident discovered 2026-06-20 05:12 UTC

Entities: Kodak confirms breach after ShinyHunters leak-site listing; June 18 deadline passed without publication ShinyHunters

Part of run 2026-06-20-4cfd00ef (intel · Anthropic Claude (specific model not determined))

Eastman Kodak acknowledged on 17 June 2026 that "an unauthorized third party illegally gained access to a limited amount of company data," after ShinyHunters listed it on their dark-web leak site on 15 June claiming 2.2 million PII records and set an 18 June contact deadline (SecurityWeek, 2026-06-18; BleepingComputer, 2026-06-17). As of the deadline ShinyHunters had not published samples — consistent with the group's pattern of withholding proof to maximise leverage. Kodak did not disclose the access vector; ShinyHunters' 2026 campaign has leaned on misconfigured Salesforce Experience/Aura guest-user access, Oracle PeopleSoft (CVE-2026-35273) and Snowflake credential stuffing across 100+ victims, with the group claiming a 1.5-billion-record Salesforce corpus (BleepingComputer, 2026-06-17).

data-breach organized-crime us global