Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
HP

HP Vendor Cyber Rating & Cyber Score

hp.com

HP is redefining the future of work through technology.


HP A.I CyberSecurity Scoring

HP
Company Information
Website:http://www.hp.com
Employees number:139,628
Number of followers:5,228,591
NAICS:5415
Industry Type:IT Services and IT Consulting
Homepage:hp.com
HP Risk Score (AI oriented)
Between 700 and 749
logo
HPIT Services and IT Consulting
Updated:
30/03/2026
703/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
HP Global Score (TPRM)
xxxx
logo
HPIT Services and IT Consulting
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

HP
HPModerate
Current Score
703Ba (MODERATE)
01000
2 incidents
-92 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
713Before Incident
JUNE 2026
715Before Incident
MAY 2026
709Before Incident
APRIL 2026
708Before Incident
MARCH 2026
706Before Incident
FEBRUARY 2026
791Before Incident
Ransomware
02 Feb 2026HP
Polycom and HP Inc.: Everest Ransomware Claims 90GB Data Theft Involving Legacy Polycom Systems

Everest Ransomware Claims Breach of Legacy Polycom Systems, Threatens Data Leak

699After Incident
CRITICAL-92
HPPOL1770123179
Everest Ransomware Claims Breach of Legacy Polycom Systems, Threatens Data Leak The Everest ransomware group has asserted responsibility for a data breach involving legacy systems tied to Polycom, the enterprise communications brand acquired by HP Inc. in 2022 and rebranded as HP Poly. The group alleges it exfiltrated approximately 90GB of internal data, though evidence suggests the material may originate from pre-acquisition Polycom engineering or development environments rather than HP’s current infrastructure. In a post on its dark web leak site, Everest described the stolen data as a database and internal company documentation, including file directories, engineering build environments, source code trees, software logs, and technical documentation related to Polycom’s conferencing platforms, such as RMX and RealPresence systems. Screenshots shared by the group display filenames dated between 2017 and 2019, reinforcing the likelihood that the compromised data stems from legacy Polycom systems predating HP’s acquisition. Notably, the leaked images do not contain customer personal data or sensitive user information. Everest has set a 9-day countdown, threatening to publish the data if its demands are not met. However, the group has not provided metadata or timestamps confirming when the systems were accessed or whether they remained active at the time of exfiltration. HP Inc. has not publicly confirmed the breach, and there is no indication that current HP Poly production systems, customer services, or active environments were affected. Polycom has undergone multiple corporate transitions, including acquisition by Plantronics in 2018, rebranding as Poly in 2019, and subsequent integration into HP Inc. in 2022. Legacy domains, such as polycom.com, now redirect to HP-managed platforms. Everest, one of the most active ransomware groups in 2025 and 2026, has previously claimed high-profile attacks on organizations including McDonald’s India, Nissan, ASUS, Chrysler, Iberia Airlines, Under Armour, Petrobras, AT&T, and Dublin Airport. HP Inc. was contacted for comment on February 2, 2026, but had not responded at the time of publication. The claims remain unverified by independent sources.
INCIDENT DETAILS -
TYPE
Ransomware
MOTIVATION
Financial gain (ransom)
IMPACT
Data Compromised: 90GB of internal data (engineering build environments, source code trees, software logs, technical documentation)Systems Affected: Legacy Polycom systems (pre-2022 acquisition)Operational Impact: No impact on current HP Poly production systems or customer servicesBrand Reputation Impact: Potential reputational risk due to legacy data exposureIdentity Theft Risk: None (no customer personal data compromised)Payment Information Risk: None (no payment information compromised)
DATA BREACH
Engineering build environmentsSource code treesSoftware logsTechnical documentationSensitivity Of Data: Internal/proprietary (not customer-facing)Data Exfiltration: Yes (90GB exfiltrated)File directoriesLogsDocumentationPersonally Identifiable Information: None
JANUARY 2026
793Before Incident
DECEMBER 2025
793Before Incident
NOVEMBER 2025
793Before Incident
OCTOBER 2025
793Before Incident
SEPTEMBER 2025
793Before Incident
AUGUST 2025
792Before Incident
APRIL 2025
790Before Incident
Vulnerability
01 Apr 2025HP
HP

Privilege Escalation Vulnerability in Plantronics Hub Software

789After Incident
HIGH-1
HP909040125
A critical security vulnerability was found in Plantronics Hub software, which has been discontinued by HP. Attackers could escalate privileges using an unquoted search path weakness when combined with OpenScape Fusion for MS Office during startup. The vulnerability takes advantage of a flaw in how Windows handles unquoted paths. Attackers with write access to the C:\ directory can plant malicious files that execute with elevated privileges, allowing them to bypass User Account Control and escalate privileges. As OpenScape Fusion launches Plantronics Hub, the malicious code is executed, leading to privilege escalation. HP has not released a patch but recommends quoting the registry path and restricting write permissions to the C:\ directory as mitigation strategies.
INCIDENT DETAILS -
TYPE
Privilege Escalation
MOTIVATION
Privilege Escalation
IMPACT
Plantronics HubOpenScape Fusion for MS Office

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for HP ?
?
What was HP's A.I Rankiteo Cyber Score in June 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in May 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in April 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in March 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in February 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in January 2026 ?
?
What was HP's A.I Rankiteo Cyber Score in December 2025 ?
?
What was HP's A.I Rankiteo Cyber Score in November 2025 ?
?
What was HP's A.I Rankiteo Cyber Score in October 2025 ?
?
What was HP's A.I Rankiteo Cyber Score in September 2025 ?
?
What was HP's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on HP's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with HP ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view HP's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?