Workday Reports Data Breach from Social Engineering Attack

Pleasanton, California — Workday, a leading human resources technology provider, has confirmed a data breach that occurred after attackers accessed a third-party customer relationship management (CRM) platform. The breach was revealed on August 18, following a social engineering campaign targeting numerous large organizations.

Workday disclosed that its CRM systems were compromised, leading to unauthorized access to certain information. However, the company emphasized that no customer tenants or their data were impacted. ‘We recently identified that Workday had been targeted and threat actors were able to access some information from our third-party CRM platform,’ the company stated in its announcement.

The initial discovery of the breach was made on August 6. It involved attacks where hackers contacted employees via text or phone, impersonating Human Resources or IT personnel to trick them into revealing sensitive information. A Workday spokesperson noted that the exposed data primarily consisted of commonly available business contact information, including names, email addresses, and phone numbers. ‘This information could potentially be used for further social engineering scams,’ they warned.

In recent weeks, other well-known companies have faced similar threats linked to the same social engineering tactics. ShinyHunters, an infamous group known for cyber extortion, is suspected of orchestrating these attacks, which exploit vulnerabilities in Salesforce CRM systems.

Workday serves over 11,000 corporate customers and has millions of users worldwide, evidencing the potential scope of the impact. Despite the breach, the company reassured clients that it responded swiftly to mitigate the risks and enhance their security measures going forward.

Customers are advised to remain vigilant and report any unusual communication requesting sensitive information directly to Workday.