Workday Reveals CRM Breach

Workday Reveals CRM Breach

Por

Business software giant Workday appears to have become the latest big name to suffer a data breach linked to a third-party CRM platform.

The firm issued a relatively short statement on Friday citing a “social engineering campaign targeting many large organizations,” including itself.

“We recently identified that Workday had been targeted and threat actors were able to access some information from our third-party CRM platform,” it said.

“There is no indication of access to customer tenants or the data within them. We acted quickly to cut the access and have added extra safeguards to protect against similar incidents in the future.”

The data compromised in the attack was “primarily commonly available business contact information” including names, email addresses and phone numbers, the statement continued.

Read more on ShinyHunters: Chanel and Pandora Breached as Salesforce Campaign Continues

Workday warned that such information could help the threat actors to launch follow-on social engineering scamsand reminded customers that it would never contact them directly to request passwords or other “secure details.”

The attack is strikingly similar to many others carried out by the ShinyHunters group over recent weeks.

In thesecampaigns, employees at a well-known company are targeted with vishing calls impersonating the IT helpdesk or HR. They are then tricked into downloading an OAuth app or handing over their credentials outright.This allows the attackers to access the corporate Salesforce database, exfiltrate its contents and then hold it to ransom.

Firms including LVMH,Chanel, Pandora,Adidas, Qantas, Google and Air France-KLM are among those to have had data compromised in this way. A recent ReliaQuest report pointed to a series of recently registered phishing domains as proof that financial services firms could be next on the target list.

ShinyHunters has also been linked to the notorious Scattered Spider collective, which has been blamed formultiple ransomware attacks on UK retailers earlier this year.

Imagecredit: Tada Images / Shutterstock.com