- Workday has been hit by a data breach
- The breach was part of a campaign of social engineering attacks
- The campaign has also targeted Google, Dior and Adidas
The popular human resources (HR) platform Workday has revealed that it was affected by a data breach that originated in a social engineering campaign.
“We want to inform you about a recent social engineering campaign aimed at many large organizations, including Workday,” the company confirmed in a statement.
“In this campaign, threat actors contact employees by text message or by phone, pretending to be from human resources or IT. Their goal is to deceive employees into giving up account access or their personal information.”
Other phishing risks
Fortunately, Workday says that so far there has been “no indication of access to customers or data within them”, and the company has added safeguards to mitigate the risk of similar incidents in the future.
The statement adds that the information the threat actor obtained was “commonly available commercial contact information, such as names, email addresses and telephone numbers, potentially to promote their social engineering scams.”
It seems that this breach could be part of a wave of security breaches targeting Salesforce CRM instances through phishing and social engineering attacks. These attacks have used these tactics to breach Google, Adidas, Dior and more.
It is likely that the hackers used these phishing attacks to link malicious OAuth applications to the company’s Salesforce instance, then downloaded and stole databases before using the information to extort the victims, BleepingComputer reports.
“As this type of breach is technically easier to carry out yet highly effective, we could see even more threat actors adopting these tactics,” Kevin Marriott, Senior Manager of Cyber and Head of SecOps at Immersive, told TechRadar Pro.
“CRM tools are often a key target for threat actors, since they generally store limited but valuable information that threat actors can use or sell, with databases full of useful information, such as email addresses and other personal information.
“If this attack is really linked to the wider campaign targeting Salesforce instances, it highlights how threat actors like ShinyHunters are focusing their efforts on SaaS platforms that contain valuable customer data from a variety of organizations.”
Users should stay alert online after the incident and be skeptical of unsolicited incoming messages, especially those that demand urgent action or threaten disaster.
These are, and will continue to be, the biggest red flags in phishing attacks.