Adaptavist Group
March 31, 2026
•[ unauthorized access, stolen credentials, data theft ]
Adaptavist Group detected unauthorized access to some systems in late March 2026 after an intruder used stolen credentials. Adaptavist said the accessed systems contained typical business data such as contact information, contracts, and NDAs; The Gentlemen claimed responsibility and claimed 24 GB of data theft, allegedly including source code, customer records, internal documents, credentials, and production-system references, but Adaptavist did not confirm the full claim.
Remita Payment Services Ltd
March 31, 2026
•[ data exfiltration, KYC documents, database leak ]
Remita Payment Services Ltd was named in Nigerian data-protection investigations after ByteToBreach claimed to have exfiltrated approximately 3 TB of data from Remita-linked systems, including KYC documents, databases, logs, backups, source code, password hashes, and customer and employee records. The Nigeria Data Protection Commission served notices of investigation on April 1, 2026, and the claimed data theft remains under investigation.
Poly
February 2, 2026
•[ ransomware, data leak, source code ]
HackRead reported that the Everest ransomware group claimed it stole about 90GB of internal data from systems linked to Polycom (a legacy enterprise communications brand now under HP Inc., branded as Poly). Everest said the dataset included an internal database and documentation and threatened publication after a nine-day countdown. Screenshots posted by the group appeared to show engineering build directories, source code trees, debug/log files, and technical documentation for Polycom conferencing platforms (including RMX and RealPresence), with filenames referencing dates from 20172019. The report stated there was no indication that HPs current production systems or customer services were impacted and the screenshots did not show customer personal data.
