Workday, one of the biggest providers of human resources technology, has confirmed a data breaches that allow hackers to steal personal information from one of their third-party customer relationship databases.
In a blog post published late Friday, the HR Technology giant said the hackers had stole unspecified personal information from the database.
Workday did not expressly rule out that customer information was retrieved in a data breach. This states that “there is no indication of access to the customer tenant or the data within it.”
The company said stolen information could be used to promote social engineering fraud. Hackers said they would deceive or threaten victims and provide access to sensitive data.
Workday has over 11,000 corporate customers, and according to its website, it serves at least 70 million users worldwide. Bleeping Computer reports that the hack was discovered on August 6th.
Workday did not identify compromised third-party customer database platforms, but continues to the recent level of cyberattacks targeting the Salesforce hosted databases that large companies use to store customer data. In recent weeks, Google, Cisco, airline giant Qantas and retailer Pandora have all been stolen from the Salesforce database.
Google attributes the violation to ShinyHunters, a group of hackers known for using voice phishing to steal company data by stealing company employees, to allow company employees to access cloud-based databases. Google said that Shinyhunters is likely in the process of preparing a data leak site to force victims to pay hackers to remove data similar to the behavior of ransomware gangs.
Workday spokesman Connor Spielmaker did not comment on Workday blog posts or TechCrunch questions. Workday does not determine how customer data is expanded whether there are technical means such as logging.
At the time of publication, Workday’s blog post violation contained a hidden “Noindex” tag in the source code, which instructs search engines to ignore the page, making it difficult for people searching the web to find the page.
It’s not clear why Workday is hiding data breach notifications from search engines.
Do you know more about Workday data breaches or attacks targeting Salesforce databases? Have you been notified of a data breach? Please contact this reporter securely via a message encrypted with Zackwhittaker.1337.
Updated with a response from Workday.
We are constantly trying to evolve and you can help us by providing insights into TechCrunch and your perspective and feedback on our coverage and events! Fill in this research to let us know how we are doing and get the opportunity to win an award in return!
Source link
