Workday Data Breach Bears Signs of Widespread Salesforce Hack

Workday appears to have joined the list of major companies that had their Salesforce instances targeted by hackers. 

HR and finance giant Workday has disclosed a data breach that may be the result of an attack launched as part of a widespread campaign.

Workday said threat actors gained access to a third-party customer relationship management (CRM) system and obtained “commonly available business contact information” such as names, phone numbers, and email addresses.

The company, which has over 20,000 employees, said the attack was part of a social engineering campaign that hit many large organizations recently.

In this campaign, attackers call or text employees at the targeted organization, claiming to represent IT or HR in an effort to trick them into handing over personal information or account access.

“There is no indication of access to customer tenants or the data within them. We acted quickly to cut the access and ...