Workday has disclosed a data breach resulting from a social engineering attack on a third-party CRM platform, exposing business contact information. This incident is linked to a broader wave of Salesforce-related breaches attributed to the ShinyHunters group, affecting multiple high-profile organizations. #Workday #ShinyHunters
Keypoints
- An attacker gained access to Workdayβs third-party CRM system through social engineering.
- No customer tenant data was compromised in the breach.
- exposed data mainly included business contact information like names and phone numbers.
- breach is part of a larger campaign linked to the shinyhunters group targeting salesforce instances.
- organizations including google louis vuitton and tiffany co. have also been targeted in this wave of attacks.