© 2026 CoolTechZone - Latest tech news,
product reviews, and analyses.

HR company Workday discloses social engineering attack and data breach


Workday, a California-based tech company that provides software to help businesses manage their finances and human resources, has announced that a threat actor was able to pull off a social engineering attack, enabling the attackers to gain access to a third-party customer relationship management (CRM) platform.

In a blog post, the company states that the attackers managed to lay their hands on information that was stored on the compromised CRM system.

“The type of information the actor obtained was primarily commonly available business contact information, like names, email addresses, and phone numbers, potentially to further their social engineering scams,” Workday says.

Even though the attackers were able to exfiltrate commonly available information, affected customers should still be vigilant. Scammers can use this information to contact gullible people and obtain even more personal information. Therefore, Workday comes with a warning:

“It’s important to remember that Workday will never contact anyone by phone to request a password or any other secure details. All official communications from Workday come through our trusted support channels.”

Workday wouldn’t say what third-party CRM system was impacted. However, back in June, Google warned businesses and organizations about vishing attacks, in which threat actors use social engineering scams to try to steal Salesforce data and extort companies.

“Organizations, are you prepared for voice phishing? UNC6040 is a financially-motivated threat cluster that specializes in using voice phishing (vishing) to compromise organizations' Salesforce instances, leading to large-scale data theft,” cybersecurity firm and Google subsidiary Mandiant said in a post on X at the time.

Since then, numerous high-profile companies have been targeted by an extortion group called ShinyHunters, including Adidas, Qantas, Allianz Life, Luis Vuitton, Pandora, Chanel, Cisco, and most recently Google.

A Salesforce spokesperson told Reuters at the time that there was no indication of any inherent vulnerabilities in the Salesforce platform and that the voice calls used to trick employees were “targeted social engineering scams designed to exploit gaps in individual users’ cybersecurity awareness and best practices.”