Workday Confirms Data Breach: Hackers Stole Personal Info
▼ Summary
– Workday confirmed a data breach where hackers stole personal information from a third-party customer relationship database, primarily containing contact details like names, emails, and phone numbers.
– The company stated there was no evidence of access to customer tenants, which store HR files and employee data, but did not rule out customer data being compromised.
– The stolen information could be used for social engineering scams, where hackers manipulate victims into revealing sensitive data.
– The breach was discovered on August 6, affecting Workday’s 11,000+ corporate customers and 70 million users, but the third-party database platform was not named.
– Workday’s breach disclosure included a hidden “noindex” tag, preventing search engines from displaying the page, though the reason for this remains unclear.
Workday has disclosed a cybersecurity incident involving unauthorized access to one of its third-party customer relationship databases, potentially exposing sensitive personal information. The cloud-based HR software provider confirmed the breach in a recent blog post, though details about the scope and impact remain limited.
According to the company, hackers obtained contact details such as names, email addresses, and phone numbers from the compromised database. While Workday clarified that its primary customer systems, where businesses store employee records, were not breached, it stopped short of guaranteeing that no client data was affected. The stolen information could be exploited in social engineering attacks, where cybercriminals manipulate individuals into divulging confidential data.
With over 11,000 corporate clients and 70 million users worldwide, Workday’s breach raises concerns about the security of third-party platforms. Reports indicate the intrusion was detected on August 6, though the exact database provider remains unnamed. This incident follows a troubling trend of cyberattacks targeting Salesforce-hosted databases, which have recently impacted major firms like Google, Cisco, Qantas, and Pandora.
Google previously linked similar breaches to ShinyHunters, a hacking group specializing in voice phishing scams to infiltrate cloud-based systems. The attackers allegedly planned to create a data leak site to pressure victims into paying ransom fees, a tactic commonly used by ransomware operators.
Workday’s spokesperson declined to provide additional details beyond the official statement, leaving key questions unanswered. The company has not disclosed how many individuals were affected, whether the stolen data belonged to employees or clients, or if forensic logs could determine the extent of the breach.
Notably, Workday’s breach notification was tagged with a “noindex” directive, preventing search engines from displaying the page in results. The reason behind this decision remains unclear, potentially limiting public awareness of the incident.
If you have insights into the Workday breach or attacks on Salesforce databases, or if you’ve received a data breach notification, you can reach out securely via encrypted messaging.
(Source: TechCrunch)
