Workday acknowledged being the target of a breach that compromised personal information of individuals. This breach was part of a social engineering campaign that affected several large organizations. Threat actors gained access to data from a third-party CRM platform, which included commonly available business contact information such as names, email addresses, and phone numbers. Workday emphasized the risks of social engineering scams, where criminals deceive employees into disclosing personal or account information. The company has implemented additional safeguards to prevent future incidents and reassured customers about their communication practices.
Workday revealed it was the target of a breach that exposed personal information to hackers as part of a social engineering campaign affecting many large organizations.
Threat actors accessed information from a third-party CRM platform, including commonly available business contact information like names, email addresses, and phone numbers.
Criminals contact company employees by pretending to be from human resources or other departments to trick employees into giving up account access.
Workday has over 11,000 corporations as customers, with a global reach of 70 million people, emphasizing they will not contact customers by phone for sensitive information.
Collection
[
|
...
]