CRM data leak exposed by Workday

Workday, a leading business software company, has announced that it has suffered a data breach, with the compromised information primarily consisting of business contact details such as names, email addresses, and phone numbers. The breach is linked to a third-party Customer Relationship Management (CRM) platform and is part of a series of attacks carried out by the ShinyHunters hacking collective.

The group, known for data breaches, has also targeted well-known companies such as LVMH, Chanel, Pandora, Adidas, Qantas, Google, and Air France-KLM, as well as Tokopedia, Wish, and Zoosk. ShinyHunters typically carries out attacks by tricking employees into downloading an OAuth app or handing over their credentials through vishing calls impersonating IT helpdesk or HR.

Workday acted swiftly to cut off the access and added extra safeguards to protect against similar incidents in the future. It is important to note that no information about customer tenants or data within them was accessed in the attack. The breach did not involve any unauthorized access to Workday's customer data or its main operations.

In a recent ReliaQuest report, financial services firms have been identified as potential targets for ShinyHunters in the future. The group has been linked to the Scattered Spider collective, which has been blamed for multiple ransomware attacks on UK retailers earlier this year.

Workday has reassured its customers that the data breach is not related to its main operations or customer data within its platforms. The company encourages all employees to remain vigilant and to report any suspicious activity to the appropriate authorities.

As the investigation into the data breach continues, Workday and other affected companies will work to strengthen their cybersecurity measures and protect their valuable data from similar threats in the future.