Imaging giant Kodak has confirmed it is investigating a security breach after hackers gained unauthorised access to some of the company's data, with the notorious ShinyHunters extortion group claiming responsibility for the intrusion.
According to a report by BleepingComputer, Kodak acknowledged the incident and stated it has engaged external cybersecurity experts to assist with the investigation. The company is working to determine the full scope of the breach, including what data may have been compromised and how the attackers initially gained access.
ShinyHunters Strikes Again
ShinyHunters is a well-known cybercriminal group that has built a reputation for targeting large enterprises, stealing sensitive data, and leveraging public disclosure as a pressure tactic. The group has previously been linked to breaches at major technology companies, telecoms firms, and media organisations. Their typical modus operandi involves exfiltrating data and threatening to publish it on underground forums unless payment or other demands are met.
The group claiming responsibility for the Kodak breach adds the 138-year-old imaging and photography company to a growing list of high-profile victims across multiple industry sectors.
What Remains Unknown
Critical details about the breach remain unclear as Kodak's investigation is still underway. The types of data potentially exposed — whether they include customer records, employee information, intellectual property, or internal corporate documents — have not been publicly disclosed. The total number of affected individuals or systems is also unknown at this time.
It is also unclear whether Kodak has filed notifications with data protection regulators, or what specific remediation steps the company may pursue once the forensic investigation concludes.
Enterprise Risk Reminders
The incident serves as a reminder that organisations with long operational histories and significant data holdings remain attractive targets for threat actors. Legacy enterprises often maintain sprawling digital infrastructure and vast repositories of both customer and proprietary data, which can present a broad attack surface.
For IT and security professionals, the breach highlights several persistent themes. Rapid detection, established incident response protocols, and the ability to quickly engage forensic expertise are critical capabilities. Kodak's decision to bring in third-party cybersecurity investigators immediately is a standard but essential move, allowing the organisation to contain the breach while preserving evidence for analysis.
The ShinyHunters connection also reinforces that extortion-style attacks — where data theft is paired with public shaming and ransom demands — continue to be a dominant threat model. Organisations should ensure their response playbooks account for this dual-pressure scenario, which combines technical incident management with reputational risk mitigation.
As Kodak's investigation progresses, further disclosures will likely clarify the full impact of the breach. The incident will be closely watched by security teams and regulators alike as details emerge about the attack vector and the nature of the compromised data.
影像巨頭柯達(Kodak)已證實正在調查一宗安全漏洞事件,此前有黑客獲取了該公司的部分未授權數據存取權限,而惡名昭彰的勒索組織 ShinyHunters 宣稱對此次入侵負責。
據 BleepingComputer 報導,柯達確認了此事件,並表示已聘請外部網絡安全專家協助調查。公司正致力於確定漏洞的完整範圍,包括哪些數據可能已被洩露,以及攻擊者最初是如何獲得存取權限的。
ShinyHunters 再次出手
ShinyHunters 是一個臭名昭著的網絡犯罪集團,以針對大型企業、竊取敏感數據並利用公開披露作為施壓手段而聞名。此前,該集團曾與多家大型科技公司、電訊企業及傳媒機構的數據洩露事件有所關聯。他們的典型作案手法包括竊取數據,並威脅在地下論壇上公開,除非滿足其付款或其他要求。
此次宣稱對柯達數據洩露事件負責,使這家擁有 138 年歷史的影像與攝影公司加入了跨多個行業的高知名度受害者名單。
尚待釐清的關鍵細節
由於柯達的調查仍在進行中,此次洩露的關鍵細節仍不清楚。潛在外洩數據的類型——無論是客戶記錄、員工信息、知識產權還是內部公司文件——均未公開披露。受影響的個人或系統總數目前亦未知。
此外,尚不清楚柯達是否已向數據保護監管機構提交通知,或在取證調查結束後,公司可能採取哪些具體的補救措施。
企業風險的再次提醒
此事件再次提醒我們,營運歷史悠久且持有大量數據的企業,仍是威脅行為者的主要目標。傳統企業通常維護著龐大的數碼基礎設施,以及龐大的客戶及專有數據儲存庫,這可能帶來廣泛的攻擊面。
對於 IT 及安全專業人員而言,此次洩露事件凸顯了幾個持續存在的主題。快速偵測、完善的事件應變協議以及迅速引入取證專業知識的能力至關重要。柯達決定立即引入第三方網絡安全調查人員,是標準且必要的舉措,既能控制洩露範圍,亦能為分析保留證據。
與 ShinyHunters 的關聯也再次強化了一種認知:結合數據竊取、公開羞辱及贖金要求的勒索式攻擊,仍然是主要的威脅模式。企業應確保其應變預案能應對這種結合了技術事件管理與聲譽風險緩解的雙重壓力場景。
隨著柯達調查的推進,後續披露的資訊將有助於釐清此次洩露的完整影響。隨著攻擊向量及受洩露數據性質的細節逐步浮現,此事件將受到安全團隊及監管機構的密切關注。