Human resources firm Workday has disclosed a data breach after attackers compromised a third-party customer relationship management (CRM) platform using a social engineering attack.
In a statement, Workday said that attackers accessed some information from its CRM platform, which is used by over 11,000 organizations. The company emphasized that there is no indication of any access to customer data.
The compromised information includes common business contact details like names, email addresses, and phone numbers. Workday warned that this exposed data could be used in future social engineering scams. The company also reminded users that it will never contact them by phone to request passwords or other secure details.
It is currently unclear if the breach is related to a campaign by the threat group ShinyHunters, which has been using social engineering and voice phishing to target Salesforce CRM and other major companies.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
