%20(3).png){kind=small}
![TFD [LOGO] (10).png](https://static.wixstatic.com/media/bea252_c1775b2fb69c4411abe5f0d27e15b130~mv2.png/v1/crop/x_150,y_143,w_1221,h_1193/fill/w_179,h_176,al_c,q_85,usm_0.66_1.00_0.01,enc_avif,quality_auto/TFD%20%5BLOGO%5D%20(10).png)
Workday Confirms Data Breach
- By The Financial District
- 7 days ago
- 1 min read
Workday has confirmed that it suffered a data breach in which hackers stole personal information from one of its third-party customer relationship management (CRM) databases, Andrew Nusca reported for Fortune Tech.
In a blog post, the company did not disclose the scope of the breach but said the stolen data included “commonly available business contact information, like names, email addresses, and phone numbers.”
Workday suggested the hackers’ motivation was “potentially to further their social engineering scams.”
The incident comes amid a string of similar breaches affecting companies including Adidas, Cisco, Qantas, and Victoria’s Secret. Many of those involved CRM databases hosted by Salesforce.
Earlier this month, Salesforce stressed that its platform “had not been compromised” and that the breaches were “not related to any known vulnerability” in its products.
In a June blog post, Google researchers linked the attacks to ShinyHunters, a hacker group known for using voice phishing, or “vishing,” to trick corporate employees into granting access to cloud-based databases.
The group “may be preparing to escalate their extortion tactics by launching a data leak site … to increase pressure on victims,” the researchers warned, including those tied to the recent UNC6040 Salesforce-related breaches.
