Everest Ransomware Group Claims Data Theft from Legacy Polycom Systems

HP Inc. is investigating claims of a data breach involving legacy Polycom systems after the Everest ransomware group listed the company on its dark web leak site on February 2, 2026. 

The threat actors allege they stole 90GB of internal data from environments associated with the enterprise communications brand, which HP acquired in 2022 and rebranded as HP Poly. The screenshots do not display customer personal data or sensitive user information. Several filenames visible in the screenshots reference dates from 2017 to 2019, so the material may originate from legacy Polycom environments.

According to the threat actor's claims, the stolen data includes:

• Internal company documentation and databases
• Source code trees for legacy conferencing platforms
• Engineering build environments and software logs
• Technical documentation for RMX and RealPresence systems
• Debug files and internal directory structures

The number of affected individuals is not disclosed. 

HP Inc. has not issued a formal public statement regarding the incident. When researchers contacted the company on February 2, 2026, HP support acknowledged the inquiry and stated they would coordinate with the relevant internal teams to verify the claims.