HP subsidiary allegedly breached by Everest ransomware gang

Cybernews reports that major voice and voice collaboration platform developer Poly, a subsidiary of HP, had 90 GB of data claimed to have been stolen by the Everest ransomware operation.

Analysis of the data samples included in Everest's leak post which referred to the firm as Polycom, or the company's name before HP's acquisition in 2022 revealed screenshots showing lists of C and C++ code files that could be related to firmware drivers or source code and the RMX managed system for video conferencing, as well as a photo with a Polycom-manufactured chip, according to Cybernews researchers, who suspected Everest to have compromised an older database.

"Broadly speaking, the exposed source code and photos of hardware could be used for vulnerability. Screenshots of RMX management systems could indicate that the gang has credentials on their hands as well, but at this point we cannot confirm this," said researchers. Everest's assertions come as it also alleged breaching U.S. enterprise information management services firm Iron Mountain.