Particle.news
Download on the App Store
10 ARTICLES
·
2h ago

Workday Discloses Third-Party CRM Breach Exposing Business Contacts

According to Workday, attackers accessed only common business contact details, not customer tenant data.

Close-up of sign and logo at headquarters of software company Workday in Pleasanton, California, March 26, 2018. (Photo by Smith Collection/Gado/Getty Images)
Image
Image
Workday data breach

Overview

  • Attackers used phone and text phishing, posing as HR or IT to trick employees into granting access to an unnamed third-party CRM platform
  • Workday discovered the compromise on August 6, immediately cut off access, implemented extra safeguards and notified potentially affected customers
  • The stolen information was limited to names, email addresses and phone numbers, which can be leveraged for follow-on phishing and extortion attempts
  • Security analysts link the incident to a broader ShinyHunters-style campaign targeting Salesforce-hosted CRMs at firms like Google, Adidas and Qantas
  • Workday has not identified the breached CRM vendor, disclosed the volume of records taken or explicitly confirmed attribution to any threat actor