Workday hit in broader social engineering cyberattack

Workday disclosed a data breach after attackers accessed a third-party CRM system and stole business contact details. The breach is part of a larger social engineering campaign affecting major firms, where attackers pose as internal staff to trick employees. While no customer data or internal systems were compromised, Workday warns that the stolen information could fuel further phishing attempts. The attack appears linked to recent incidents targeting Salesforce users, possibly involving groups like Scattered Spider or ShinyHunters.

Read more:

https://www.securityweek.com/workday-data-breach-bears-signs-of-widespread-salesforce-hack/