Workday, one of the largest human resources technology providers, confirmed a violation of data that allowed infiltrators to steal personal information from a third -party customer relationship database.
in Blog published late on FridayThe human resources technology giant said that the infiltrators stole an unspecified amount of personal information from the database, which the working day said was used primarily to store contact information, such as names, email addresses and phone numbers.
The working day was not explicitly excluded that the customer’s information was taken in data breach, indicating only that there was no “indication of access to customer tenants or data within them”, which corporate customers usually use to store the largest part of the human resources files and personal data for employees.
The company said that stolen information can be used for more fraud in social engineering, as it deceives infiltrators or threatens victims to provide access to sensitive data.
Workday has more than 11,000 customers from a company, and they serve at least 70 million users worldwide, According to the company’s website. Bleeping computer Reports The hack was discovered on August 6.
Workday did not specify the customer customer database platform that was violated, but is followed in a set of electronic attacks targeting the salesforce hosts used by large companies to store customer data. In recent weeks, Googleand Ciscoand Qantas giant airlinesAnd Bandura retail stores All of them had been stolen from the data from their Slesforce databases.
Google has strengthened the Shinyhunters violations, a group of infiltrators known to use audio fishing to steal corporate data by deceiving the company’s employees to give them access to the databases based on the group of the peer. Google said that Shinyhunters is likely to be in the process of preparing a data leakage site to blackmail its victims to pay infiltrators to delete data, similar to how Ransomware gangs work.
TECRUNCH’s e -mail on questions did not respond to questions, including whether Workday knows the number of individuals who were stolen or from stolen data, such as working day employees or Workday clients.
As of the time of writing this report, Labor Day Blog post Disclosure of breach It contains the hidden “Noindex” brand in its source code, which guides search engines to ignore the page, making it difficult for anyone to search for the web to find the page.
It is not clear for any reason the working day is to hide the data breach notice from search engines.
Do you know more about working day data or attacks targeting Salesforce databases? Have you been fell into a data breach? Call safely for this reporter via an encrypted message at Zackwhittaker.1337 to the signal.
https://techcrunch.com/wp-content/uploads/2025/08/workday-larger-959933114.jpg?w=1024
Source link