Poly and HP: HP Probes Alleged Poly Network Breach, Ransomware Group Claims 90GB Data Theft

HP Investigates Alleged Poly Network Breach After Ransomware Group Claims 90GB Data Theft

HP is probing a potential data security breach following claims by the Everest ransomware group that it infiltrated Poly’s internal network a subsidiary of HP and exfiltrated 90GB of sensitive data. The incident surfaced after the threat actor publicly asserted responsibility, though HP has not yet confirmed the validity of the claims or the extent of the compromise.

The breach, if verified, would add to a growing list of high-profile ransomware attacks targeting enterprise networks in 2024. The Everest group, known for its aggressive extortion tactics, has previously been linked to other major incidents, including a confirmed breach at Iron Mountain, where it similarly claimed data theft.

Poly, a provider of communication and collaboration solutions, operates under HP’s enterprise portfolio, raising concerns about potential exposure of corporate, customer, or proprietary data. HP has not disclosed details on the nature of the allegedly stolen files, the timeline of the intrusion, or whether ransom demands were made.

The incident underscores the persistent threat posed by ransomware operators to global technology firms, particularly those managing large-scale infrastructure or sensitive business data. Further updates are expected as HP’s investigation progresses.

Source: https://www.teiss.co.uk/news/hp-probes-alleged-poly-network-breach-ransomware-group-claims-90gb-data-theft-17054

Poly TPRM report: https://www.rankiteo.com/company/poly

HP TPRM report: https://www.rankiteo.com/company/hpi-real-estate-services-&-investments

"id": "polhpi1770382226",
"linkid": "poly, hpi-real-estate-services-&-investments",
"type": "Ransomware",
"date": "1/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"

{'affected_entities': [{'industry': 'Communication and collaboration solutions',
                        'name': 'Poly',
                        'type': 'Subsidiary'},
                       {'industry': 'Technology',
                        'name': 'HP',
                        'type': 'Parent company'}],
 'data_breach': {'data_exfiltration': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': 'Sensitive data'},
 'description': 'HP is probing a potential data security breach following '
                'claims by the Everest ransomware group that it infiltrated '
                'Poly’s internal network, a subsidiary of HP, and exfiltrated '
                '90GB of sensitive data. The incident surfaced after the '
                'threat actor publicly asserted responsibility, though HP has '
                'not yet confirmed the validity of the claims or the extent of '
                'the compromise.',
 'impact': {'data_compromised': '90GB of sensitive data',
            'systems_affected': 'Poly’s internal network'},
 'investigation_status': 'Ongoing',
 'motivation': 'Extortion',
 'ransomware': {'data_exfiltration': 'Yes', 'ransomware_strain': 'Everest'},
 'references': [{'source': 'Cyber Incident Description'}],
 'threat_actor': 'Everest ransomware group',
 'title': 'HP Investigates Alleged Poly Network Breach After Ransomware Group '
          'Claims 90GB Data Theft',
 'type': 'Ransomware'}

Poly and HP: HP Probes Alleged Poly Network Breach, Ransomware Group Claims 90GB Data Theft

Telegram: Hackers Use Pastebin-Hosted PowerShell Script to Steal Telegram Sessions

Udemy, McGraw-Hill, Vercel and Harvard University: Udemy Data Breach – ShinyHunters Allegedly Claims Compromise of 1.4M User Records

Coupang: South Korea says Coupang data breach probe affects US security talks