Workday, a leading provider of human resources technology with over 11,000 corporate clients and 70 million users worldwide, has confirmed a data breach involving one of its third-party customer relationship databases.
In a blog post published late Friday, the company disclosed that hackers accessed and stole personal information such as names, emails, and phone numbers. Workday did not rule out the possibility that customer data was compromised but insisted there is “no indication of access to customer tenants or the data within them,” which hold sensitive HR and employee files.
The company warned that the stolen data could be exploited for social engineering attacks, where hackers trick victims into sharing confidential details. The breach, discovered on August 6, follows a string of recent cyberattacks targeting Salesforce-hosted databases used by major corporations including Google, Cisco, Qantas, and Pandora.
Google previously linked such breaches to the ShinyHunters hacker group, known for voice phishing and extortion tactics. Reports suggest the group may be preparing a leak site to pressure victims into paying for the deletion of stolen data.
Notably, Workday’s blog post initially contained a “noindex” tag, preventing search engines from showing the disclosure, raising questions about the company’s transparency. Workday has not confirmed how many individuals were affected or whether corporate clients’ data was impacted.
