Workday revealed it was targeted by a social engineering campaign that accessed limited data from its third-party CRM platform, primarily contact details. Despite swift action and enhanced safeguards, the incident highlights the persistent threat of social engineering attacks on organizations. #Workday #SocialEngineering
Keypoints
- Workday experienced a social engineering attack targeting large organizations.
- The attackers used phone calls and text messages impersonating HR or IT representatives.
- Limited data such as names, emails, and phone numbers were accessed from a third-party CRM platform.
- There is no evidence of unauthorized access to customer tenant data or internal systems.
- Social engineering remains a leading method for initial cyberattack access, involving diverse techniques beyond phishing.
Read More: https://thecyberexpress.com/workday-staff-fall-to-social-engineering-hack/