-
Hackers say they stole 90GB of data from Poly, a subsidiary of HP that develops voice and video collaboration hardware and software.
-
In a dark web post, the hackers shared screenshots of internal source code and hardware chips, potentially exposing Ploy’s critical technical secrets.
-
HP is actively investigating but states there is no evidence its own systems or its customers’ data were compromised in the alleged attack.
A major cybercriminal group has made bold claims against a global tech company. The Everest ransomware cartel says it has stolen a huge trove of data from Poly, an HP subsidiary.
The hackers posted proof on the dark web to back up their claims. HP has confirmed it is looking into the situation right now.
The Alleged Breach and Stolen Data
The Everest ransomware cartel posted about the attack on its dark web blog. They claim to have stolen 90 gigabytes of internal data from Poly. Poly is a company that makes video conferencing systems and other collaboration tools.
In a boastful statement, the attackers said, “The leak of your internal company documents contains a huge variety of personal documents and information of clients.” To support their claim, they uploaded screenshots of the stolen data.
Everest ransomware group’s post on the leak site.
The posted images appear highly sensitive. They include photos of a computer chip clearly labeled as being manufactured by Polycom. Other screenshots show lists of files containing C and C++ programming code.
Cybernews researchers who analyzed the post believe this could be source code or drivers for Polycom’s firmware. This kind of technical data is a company’s crown jewel. Leaking it could make Poly’s products more vulnerable to future attacks.
There is a significant piece of evidence connecting the hackers to Polycom since all four examples used the original name ‘Polycom.’ Before HP acquired Polycom and rebranded it as Poly in 2022, this was known as Polycom, suggesting the hackers may have accessed an older legacy database. The database likely dates back to before the HP acquisition.
Company Response and Attacker Profile
HP, which now owns Poly, has issued a statement regarding the incident. The Oklahoma City-based company’s spokesperson said they’re aware of the claims that Polycom’s legacy database has been compromised and are currently investigating whether the claims hold water.
The spokesman also stated there was no evidence that HP’s databases or any customer data had been exposed. The company suggested that its customers ensure that they have installed all the latest security updates to their systems.
Everest didn’t share the full 90GB of data they claim they stole. They only shared selected screenshots as a sample. Ransomware gangs use this trick all the time — they share screenshots as proof they actually have the data, throw the victim into panic, hoping to push them into complying with their demands.
Everest used the exact same method just before the Poly post. They listed another victim, the data management giant Iron Mountain, on their blog. As we previously reported, hackers claimed the Iron Mountain data breach and set a February 11 deadline. Having first emerged in late 2020, the Everest Ransomware group has made a name for itself. People see them as one of the most dangerous cyber cartels out there, and a lot of folks think they’re connected to Russia.
In the past year alone, Everest has targeted an alarming list of global corporations. Their alleged victims include electronics maker ASUS, Brazilian oil company Petrobras, automaker Nissan, and even McDonald’s operations in India. Their focus on major, high-revenue companies marks them as a significant threat to global business security.
Why This Breach Claim Matters
No one knows yet just how much data was stolen, but the leaked samples already look pretty alarming. When source code and hardware designs get out, the impact lingers. Rivals—or anyone with bad intentions—can dig through that info and pick out fresh security gaps.
This could be a precursor for more attacks against Poly in the future. Screenshots of an RMX video conferencing management system were also among the leaked images. Security experts suggest this could mean the hackers also obtained login credentials for these systems.
Poly is one of the largest companies operating within the unified communications space. According to Poly, the company reported revenues of over $1.7 billion in 2021 and employs nearly 3,400 individuals.
If there is a confirmation of a data breach the scale of this one, it would be a major incident for all involved. For now, the investigation continues as companies around the globe compare their data against Everest’s allegations to see if they are founded in fact.
