HomeIntelligenceBrief
BREACH BRIEF🟠 High Breach

Kodak Images Breach Confirmed Amid ShinyHunters Leak Threat

Kodak disclosed a data breach after the ShinyHunters hacking group threatened to publish stolen internal documents and source code. The incident underscores the need for continuous vendor‑risk monitoring and SOC 2‑aligned evidence collection.

LiveThreat™ Intelligence · 📅 June 23, 2026· 📰 malwarebytes.com
🟠
Severity
High
BR
Type
Breach
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
malwarebytes.com

Kodak Images Breach Confirmed Amid ShinyHunters Leak Threat

What Happened — Kodak announced that it suffered a data breach after the ShinyHunters hacking group threatened to publish stolen files. The breach exposed internal documents and source code, and the group set a public deadline for the leak. Kodak confirmed the incident and began remediation efforts.

Why It Matters for Compliance & Audit Readiness

  • A third‑party breach tests the effectiveness of your vendor‑risk program and the controls you have to monitor supplier security continuously.
  • SOC 2 vendor‑management criteria (CC6.1, CC6.2) require documented due‑diligence and evidence that you assess and re‑assess third‑party security posture—exactly the gap highlighted by Kodak’s exposure.
  • Continuous monitoring of vendor alerts (e.g., ShinyHunters’ public disclosures) provides a defensible audit trail showing you acted promptly on emerging threats.

Who Is Affected — Media & entertainment companies, imaging and printing service providers, and any downstream partners that integrate Kodak’s APIs or SDKs.

Recommended Actions

  • Review and update your vendor‑risk inventory to ensure Kodak (or similar imaging providers) is classified with appropriate criticality.
  • Map the incident to SOC 2 CC6 controls, collect evidence of risk assessments, and document any remediation steps taken.
  • Implement continuous monitoring of third‑party threat feeds (e.g., ShinyHunters’ disclosures) to trigger timely alerts and evidence collection. Source: Malwarebytes Labs – A week in security (June 15‑21)

Technical Notes

  • Attack vector: Unknown – ShinyHunters obtained data through undisclosed means and leveraged a public “leak deadline” to pressure the vendor.
  • Exposed data: Internal documents, source code, and potentially proprietary imaging algorithms. Source: same as above
📰 Original Source
https://www.malwarebytes.com/blog/news/2026/06/a-week-in-security-june-15-june-21-2

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

Point-in-time vendor reviews miss incidents like this.

Verisq AI Trust Operations replaces the annual questionnaire with continuous third-party monitoring — so vendor exposure becomes audit evidence, not a once-a-year guess.

See how Verisq AI Trust Operations works →