
HR giant Workday admits personal data breach after social engineering attack

HR giant Workday has reported a data breach after attackers gained access to a third-party customer relationship management (CRM) platform in a recent social engineering attack.

Workday is headquartered in Pleasanton, California. The company has more than 19,000 employees in offices across North America, EMEA, and Asia Pacific. Workday's customer list includes more than 11,000 organizations across a wide range of industries, including more than 60% of the Fortune 500.

The attackers gained access to some of the information stored in the compromised CRM systems, but Workday said no customers were harmed. However, the incident did expose some of the company's contact information, including customer data, which could be used in future attacks.

"The attacker obtained primarily publicly available company contact information, such as names, email addresses, and phone numbers, potentially to further conduct social engineering scams," Workday added.

In a separate notice sent to potentially affected customers, the company added that the breach was discovered on August 6.

According to Workday, attackers are contacting employees via text message or phone, posing as HR or IT personnel, in an attempt to trick them into giving up account access or personal information.

A Workday spokesperson referred to a company blog post when asked to confirm that attackers had breached a Salesforce instance.

While the company has not directly confirmed the information, BleepingComputer has learned that the Workday incident was the result of security breaches associated with the ShinyHunters ransomware group, which has been targeting Salesforce CRM systems using social engineering and voice phishing. The campaign has recently compromised many other high-profile companies around the world, including Adidas, Qantas, Allianz Life, Louis Vuitton, Dior, Tiffany & Co., Chanel, and Google.

The attacks allegedly began earlier this year, with attackers using social engineering to trick employees of victim companies into connecting a malicious OAuth app to their company's Salesforce instances.

Once connected, the attackers used the connection to download and steal company databases, then used the data to extort victims via email.

ShinyHunters has been linked to numerous high-profile attacks, including the Snowflake, AT&T, and PowerSchool hacks.
