According to Bleeping Computer News, Kodak is the latest company to be targeted by our friends in the social engineering world known as ShinyHunters. The group claims that 2.2 million records have been stolen and says the data will be leaked if negotiations do not take place.
Kodak has confirmed that an unauthorized third party gained temporary access to company data and says it is working with outside cybersecurity experts and law enforcement to investigate the incident.
We know that this group frequently relies on social engineering and identity-based attacks to gain access to organizations. This is also the second ShinyHunters-related story to cross our desk in as many days.
Social engineering is not difficult, and anyone can fall for it under the right circumstances. That’s one reason these attacks continue to be successful.
What remains unclear is the scope of the breach. While Kodak has confirmed unauthorized access, it has not confirmed ShinyHunters’ claim that 2.2 million records were stolen. As always, time will tell what investigators ultimately uncover.
Readers of this blog may recognize the ShinyHunters name. We recently covered another incident linked to the group. While every breach is different, the group has built a reputation for using social engineering techniques to gain access to organizations, demonstrating once again that people remain one of the most attractive targets for attackers.
Whether this claim ultimately proves accurate or not, the incident serves as another reminder that security awareness training and strong identity protections remain critical defenses against modern attacks.
Read more by going to the article from Bleeping Computer titled Kodak confirms data breach claimed by ShinyHunters extortion gang.
“Security is everyone’s problem, not just patching software, hardware, and the like. Understand that if someone asks you to download software to fix a problem, it may not necessarily be something good. While we do not yet know exactly how Kodak was compromised, groups such as ShinyHunters have built a
reputation for using social engineering and identity-based attacks to gain access to organizations.
Discover more from Jared's Technology podcast network
Subscribe to get the latest posts sent to your email.