- Workday has been targeted in a data violation
- The violation was part of a social engineering attack campaign
- The campaign has also targeted Google, Dior and Adidas
The popular HR platform Workday revealed that it had been struck by a data violation from a social engineering campaign.
“We want to inform you of a recent social engineering campaign targeting many major organizations, including workday,” said the company in a press release.
“In this campaign, threat actors contact employees by SMS or by phone pretending to be human resources or IT. Their objective is to encourage employees to abandon access to the account or their personal information. ”
Other phishing risks
Fortunately, Workday says that so far, there has been “no indication of access to customer tenants or to data within them”, and the company has added additional guarantees to mitigate the risk of similar incidents in the future.
The declaration adds the information that the threat actor obtained was “mainly commonly available commercial contact details, such as names, email addresses and telephone numbers, potentially to continue their social engineering scams”.
It seems that this violation can be part of a wave of security violations that target the bodies of Salesforce CRM through phishing and social engineering attacks. These attacks used these tactics to rape Google, Adidas, Dior, and more.
Pirates are likely to have used these phishing attacks to connect Oauth Malveurs applications to the company’s Salesforce body – then download and steal databases before using the information to extort the victims, Bleeping Compompute Reports.
“As this type of violation is technically easier to perform but always very effective, we could see even more threat actors adopting these tactics”, principal director of the cyber and manager of Secops at immersive, “said Kevin Marriott Techradar Pro.
“CRM tools is often a key target for threat stakeholders because they generally store limited information, but precious information that threat stakeholders can be used or sell, with databases filled with useful information, such as email addresses and other personal information.
“If this attack is indeed linked to the wider campaign targeting Salesforce’s bodies, it emphasizes how threat actors such as Shinyhuters concentrate their efforts on SaaS platforms that hold valuable customer data from various organizations.”
Users must ensure that they remain vigilant online after the incident and be skeptical about incoming incomplete messages, in particular those requiring urgent action or threaten with a disaster.
These are and will continue to be the largest red flag of phishing attacks.
