Kodak, a global player in commercial printing and imaging technologies, has acknowledged a breach in its data security systems. This admission follows claims by the ShinyHunters cybercrime group, which alleged they had accessed sensitive information from Kodak’s databases.
Details of the Breach
The incident came to light when ShinyHunters listed Kodak on their site on June 15, asserting they had acquired over 2.2 million records of customer data and other sensitive corporate information. The hackers threatened to release this data publicly on June 18 if their demands were not met.
In response to inquiries by SecurityWeek, Kodak confirmed they are actively investigating the breach with the support of external cybersecurity specialists. The company has committed to providing additional updates as they become available.
Kodak’s Response and Assurance
A Kodak spokesperson commented, “We recently identified unauthorized access to a restricted amount of our company data.” They reassured stakeholders that the breach was limited in scope, has been contained, and poses no ongoing threat to their systems or operations.
In addition to internal measures, Kodak has reported the incident to law enforcement and continues to assist in their ongoing investigation, aiming to mitigate any repercussions of this breach.
ShinyHunters’ Recent Activities
ShinyHunters has gained notoriety for a series of high-profile data theft operations over the past year, often targeting large-scale enterprise software. In a recent exploit, the group reportedly breached at least 100 organizations using a zero-day vulnerability in Oracle PeopleSoft.
This incident is part of a broader pattern of cybercrime affecting numerous entities, including the Council of Europe, the University of Nottingham, and DentaQuest, among others.
As cybersecurity threats continue to evolve, organizations are urged to enhance their defensive measures and remain vigilant against potential vulnerabilities.
The ramifications of such breaches underline the critical importance of robust cybersecurity strategies to protect sensitive data and maintain operational integrity.
