HP A.I CyberSecurity Scoring
HP
Company Information
Website:http://www.hp.com
Employees number:139,628
Number of followers:5,228,591
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:hp.com
HP Risk Score (AI oriented)
Between 700 and 749
HPIT Services and IT Consulting
Updated:
30/03/2026
30/03/2026
703/1000
Moderate
Ba
HP Global Score (TPRM)
xxxx
HPIT Services and IT Consulting
Score locked

HPModerate
Current Score
703Ba (MODERATE)
01000
2 incidents
-92 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
713
JUNE 2026
715
MAY 2026
709
APRIL 2026
708
MARCH 2026
706
FEBRUARY 2026
791
Ransomware
02 Feb 2026 • HP
Polycom and HP Inc.: Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems
Everest Ransomware Claims Breach of Legacy Polycom Systems, Threatens Data Leak
699
CRITICAL-92
HPPOL1770123179
Everest Ransomware Claims Breach of Legacy Polycom Systems, Threatens Data Leak
The Everest ransomware group has asserted responsibility for a data breach involving legacy systems tied to Polycom, the enterprise communications brand acquired by HP Inc. in 2022 and rebranded as HP Poly. The group alleges it exfiltrated approximately 90GB of internal data, though evidence suggests the material may originate from pre-acquisition Polycom engineering or development environments rather than HP’s current infrastructure.
In a post on its dark web leak site, Everest described the stolen data as a database and internal company documentation, including file directories, engineering build environments, source code trees, software logs, and technical documentation related to Polycom’s conferencing platforms, such as RMX and RealPresence systems. Screenshots shared by the group display filenames dated between 2017 and 2019, reinforcing the likelihood that the compromised data stems from legacy Polycom systems predating HP’s acquisition. Notably, the leaked images do not contain customer personal data or sensitive user information.
Everest has set a 9-day countdown, threatening to publish the data if its demands are not met. However, the group has not provided metadata or timestamps confirming when the systems were accessed or whether they remained active at the time of exfiltration. HP Inc. has not publicly confirmed the breach, and there is no indication that current HP Poly production systems, customer services, or active environments were affected.
Polycom has undergone multiple corporate transitions, including acquisition by Plantronics in 2018, rebranding as Poly in 2019, and subsequent integration into HP Inc. in 2022. Legacy domains, such as polycom.com, now redirect to HP-managed platforms.
Everest, one of the most active ransomware groups in 2025 and 2026, has previously claimed high-profile attacks on organizations including McDonald’s India, Nissan, ASUS, Chrysler, Iberia Airlines, Under Armour, Petrobras, AT&T, and Dublin Airport. HP Inc. was contacted for comment on February 2, 2026, but had not responded at the time of publication. The claims remain unverified by independent sources.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JANUARY 2026
793
DECEMBER 2025
793
NOVEMBER 2025
793
OCTOBER 2025
793
SEPTEMBER 2025
793
AUGUST 2025
792
APRIL 2025
790
Vulnerability
01 Apr 2025 • HP
HP
Privilege Escalation Vulnerability in Plantronics Hub Software
789
HIGH-1
HP909040125
A critical security vulnerability was found in Plantronics Hub software, which has been discontinued by HP. Attackers could escalate privileges using an unquoted search path weakness when combined with OpenScape Fusion for MS Office during startup. The vulnerability takes advantage of a flaw in how Windows handles unquoted paths. Attackers with write access to the C:\ directory can plant malicious files that execute with elevated privileges, allowing them to bypass User Account Control and escalate privileges. As OpenScape Fusion launches Plantronics Hub, the malicious code is executed, leading to privilege escalation. HP has not released a patch but recommends quoting the registry path and restricting write permissions to the C:\ directory as mitigation strategies.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for HP ??
What was HP's A.I Rankiteo Cyber Score in June 2026 ??
What was HP's A.I Rankiteo Cyber Score in May 2026 ??
What was HP's A.I Rankiteo Cyber Score in April 2026 ??
What was HP's A.I Rankiteo Cyber Score in March 2026 ??
What was HP's A.I Rankiteo Cyber Score in February 2026 ??
What was HP's A.I Rankiteo Cyber Score in January 2026 ??
What was HP's A.I Rankiteo Cyber Score in December 2025 ??
What was HP's A.I Rankiteo Cyber Score in November 2025 ??
What was HP's A.I Rankiteo Cyber Score in October 2025 ??
What was HP's A.I Rankiteo Cyber Score in September 2025 ??
What was HP's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on HP's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with HP ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view HP's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?