The imaging and commercial-printing company Kodak has confirmed it suffered a data breach after the prolific cybercrime group ShinyHunters claimed to have stolen information from its systems. Here's a quick summary — and, more importantly, what it means for businesses like yours.

What happened

As reported by SecurityWeek, ShinyHunters added Kodak to its leak site in mid-June, claiming to hold more than 2.2 million records of customer personal information and internal corporate data, and threatening to publish it unless a ransom was paid. Kodak has acknowledged that an unauthorised third party gained access to a limited amount of company data, says the incident has been contained with no threat to its systems or operations, and confirms it has engaged external cyber-security experts and notified law enforcement.

ShinyHunters has been one of the most active extortion groups of the past year, recently linked to a campaign that compromised more than 100 organisations by exploiting a zero-day flaw in widely used enterprise software.

Why this matters — even if you're not Kodak

It's tempting to read a story about a global brand and assume it doesn't apply to a smaller business. The opposite is true:

  • The method, not the target, is the lesson. These campaigns succeed by exploiting vulnerabilities in common business software, stealing data, and then extorting the victim. That same playbook is run against organisations of every size, and it is automated and indiscriminate.
  • Your data is the prize. You don't have to be a household name to hold customer, staff and financial data that's worth stealing and ransoming.
  • "Contained" still costs. Even a limited, well-handled breach means investigation, legal and regulatory obligations (including notifying the ICO in the UK), and reputational damage.

Five things to check this week

  1. Patch the perimeter. Keep internet-facing systems and business software fully up to date — these attacks target exactly what's left unpatched.
  2. Turn on multi-factor authentication everywhere, especially for email and remote access.
  3. Know where your data lives and minimise what you hold — you can't lose what you don't keep.
  4. Back up to an isolated copy and actually test that you can restore it.
  5. Have an incident response plan so that, like Kodak, you can contain and respond quickly rather than improvise under pressure.

Cyber Essentials covers the fundamentals that stop the overwhelming majority of attacks like this, and as a Cyber Essentials Plus certified provider we can assess where you stand and close the gaps. Get in touch for a no-obligation review.

Source: Kodak Admits Data Breach After ShinyHunters Hack Claims — SecurityWeek