Working day, one of the largest human resources technology providers, confirmed a data breach that allowed hackers to steal personal information from one of the third -party customer relationship databases.
In A post on the blog published late FridayThe HR technological giant said hackers stole an unspecified amount of personal information from the database, which the working day stated that it was mainly used to store contact information, such as names, email addresses and telephone numbers.
The working day did not explicitly rule out that customer information was obtained in the breach of the data, only stating that there was no “indication of access to customers or the data within them”, usually used by corporate customers to store most of the human resources and personal data files.
The company said stolen information can be used for further social engineering fraud, where hackers deceive or threaten victims to give them access to sensitive data.
The working day has more than 11,000 corporate customers, serving at least 70 million users worldwide, According to the company’s website. Computer with sinking reports that the hack was discovered on August 6th.
The working day did not recognize the violated third -party customer database platform, but follows in a recent series of cyberattacks aimed at databases hosted by Salesforce used by large companies to store customer data. In recent weeks, Google, Cisco, the Qantas Airline Giant and retailer They have all the data stolen from the salesforce databases.
Google has attributed violations to Shinyhunters, a hacker group known for the use of vocal electronic fishing to steal corporate data by deceiving company employees to access them access to cloud -based databases. Google has said Shinyhunters was likely to prepare a data leak site to eliminate its victims in the payment of hackers to delete data similar to how Ransomware gangs work.
Connor Spielmaker, a working -day spokesman, did not comment on the posting of the workday blog or answering TechCrunch questions, including whether Workday knows how many people had closed the data or who relates to stolen data, such as working day employees or day -to -day employees. The working day would not say if it has the technical means, such as the logs, to determine which customer data they had exhausted.
From the time of publication, Workday’s blog post revealing the violation It contained a hidden “Noindex” label in its source code, which guides search engines to ignore the page, making it difficult for anyone looking for the web to find the page.
It is not clear why Workday hides the notice of data breach from search engines.
Do you know more about the breach of work data or attacks targeting SalesForce databases? Have you been notified of data breach? Certainly contact this journalist via encrypted message at Zackwhittaker.1337 on the signal.
Was informed with a reply from the working day.
We always try to evolve and by providing some image of your perspective and feedback on TechCrunch and our coverage and events, you can help us! Complement this investigation To let us know how we do and have the opportunity to win a prize in return!
