{"id":1715,"date":"2025-08-21T08:20:24","date_gmt":"2025-08-21T08:20:24","guid":{"rendered":"https:\/\/www.tsfactory.com\/forums\/?p=1715"},"modified":"2025-08-21T08:20:24","modified_gmt":"2025-08-21T08:20:24","slug":"hackers-target-workday-in-social-engineering-attack","status":"publish","type":"post","link":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/","title":{"rendered":"Hackers target Workday in social engineering attack"},"content":{"rendered":"<p>Workday has confirmed that it fell victim to a wide-ranging social engineering campaign that allowed hackers to access information at one of its third-party vendors.<\/p>\n<p>The hackers work by impersonating IT and human-resources personnel in order to trick employees into sharing their personal information and account credentials,\u00a0<a href=\"https:\/\/blog.workday.com\/en-us\/protecting-you-from-social-engineering-campaigns-update-from-workday.html?refCamp=7014X000002rwAFQAY\">Workday said in a blog post published Friday<\/a>.<\/p>\n<p>Breaching the customer-support system gave the hackers access to support tickets that included Workday customers\u2019 names, email addresses and phone numbers, which the hackers could use to conduct further social-engineering attacks. But Workday said there was no sign that the intruders had accessed data stored on its own servers.<\/p>\n<p>\u201cAll signs show that our customer Workday data remains secure,\u201d a spokesperson told Cybersecurity Dive via email.<\/p>\n<p>Workday is a major AI-based platform for managing human resources and payments. More than 11,000 organizations around the world use its services, including more than 60% of the Fortune 500.<\/p>\n<p>The attack follows a string of social-engineering intrusions linked to ShinyHunters, a hacker group associated with an underground cybercrime collective known as The Com. The Com also has ties to the notorious hacker team Scattered Spider, which has targeted companies in multiple industries over the past several months, including retail, insurance and aviation.<\/p>\n<p>ShinyHunters has launched numerous attacks in recent months targeting Salesforce instances, according to\u00a0<a href=\"https:\/\/cloud.google.com\/blog\/topics\/threat-intelligence\/voice-phishing-data-extortion?e=48754805\">researchers at Google<\/a>. The group targeted one of Google\u2019s own Salesforce instances earlier this month.<\/p>\n<p>Reliaquest recently\u00a0<a href=\"https:\/\/reliaquest.com\/blog\/threat-spotlight-shinyhunters-data-breach-targets-salesforce-amid-scattered-spider-collaboration\/\">published evidence of possible collaboration<\/a>\u00a0between ShinyHunters and Scattered Spider, including ticket-themed phishing domains and Salesforce credential-harvesting pages.<\/p>\n<p>Workday said it has informed customers and partners about the incident with its vendor and has taken additional security measures to prevent a similar incident from happening again.<\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/hackers-target-workday-in-social-engineering-attack\/758095\/\">Read the Full Story Here<\/a><\/p>\n<p>Source: Cybersecurity Dive<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Workday has confirmed that it fell victim to a wide-ranging social engineering campaign that allowed hackers to access information at one of its third-party vendors. The hackers work by impersonating IT and human-resources personnel in order to trick employees into sharing their personal information and account credentials,\u00a0Workday said in a blog post published Friday. Breaching [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":738,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-1715","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Hackers target Workday in social engineering attack - Community<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hackers target Workday in social engineering attack - Community\" \/>\n<meta property=\"og:description\" content=\"Workday has confirmed that it fell victim to a wide-ranging social engineering campaign that allowed hackers to access information at one of its third-party vendors. The hackers work by impersonating IT and human-resources personnel in order to trick employees into sharing their personal information and account credentials,\u00a0Workday said in a blog post published Friday. Breaching [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Community\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/TSFactoryLLC\/\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-21T08:20:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"1917\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Chelsie Wyatt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:site\" content=\"@TSFactoryLLC\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chelsie Wyatt\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/\",\"name\":\"Hackers target Workday in social engineering attack - Community\",\"isPartOf\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg\",\"datePublished\":\"2025-08-21T08:20:24+00:00\",\"author\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg\",\"contentUrl\":\"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg\",\"width\":1280,\"height\":1917},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.tsfactory.com\/forums\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hackers target Workday in social engineering attack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#website\",\"url\":\"https:\/\/www.tsfactory.com\/forums\/\",\"name\":\"Community\",\"description\":\"TSFactory\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f\",\"name\":\"Chelsie Wyatt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g\",\"caption\":\"Chelsie Wyatt\"},\"url\":\"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers target Workday in social engineering attack - Community","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/","og_locale":"en_US","og_type":"article","og_title":"Hackers target Workday in social engineering attack - Community","og_description":"Workday has confirmed that it fell victim to a wide-ranging social engineering campaign that allowed hackers to access information at one of its third-party vendors. The hackers work by impersonating IT and human-resources personnel in order to trick employees into sharing their personal information and account credentials,\u00a0Workday said in a blog post published Friday. Breaching [&hellip;]","og_url":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/","og_site_name":"Community","article_publisher":"https:\/\/www.facebook.com\/TSFactoryLLC\/","article_published_time":"2025-08-21T08:20:24+00:00","og_image":[{"width":1280,"height":1917,"url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg","type":"image\/jpeg"}],"author":"Chelsie Wyatt","twitter_card":"summary_large_image","twitter_creator":"@TSFactoryLLC","twitter_site":"@TSFactoryLLC","twitter_misc":{"Written by":"Chelsie Wyatt","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/","url":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/","name":"Hackers target Workday in social engineering attack - Community","isPartOf":{"@id":"https:\/\/www.tsfactory.com\/forums\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg","datePublished":"2025-08-21T08:20:24+00:00","author":{"@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f"},"breadcrumb":{"@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#primaryimage","url":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg","contentUrl":"https:\/\/www.tsfactory.com\/forums\/wp-content\/uploads\/2021\/10\/pexels-anete-lusina-9832081.jpg","width":1280,"height":1917},{"@type":"BreadcrumbList","@id":"https:\/\/www.tsfactory.com\/forums\/blog\/hackers-target-workday-in-social-engineering-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.tsfactory.com\/forums\/"},{"@type":"ListItem","position":2,"name":"Hackers target Workday in social engineering attack"}]},{"@type":"WebSite","@id":"https:\/\/www.tsfactory.com\/forums\/#website","url":"https:\/\/www.tsfactory.com\/forums\/","name":"Community","description":"TSFactory","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.tsfactory.com\/forums\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/9d9908f0e12559297335ebe9b601c82f","name":"Chelsie Wyatt","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.tsfactory.com\/forums\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/09ff3801fb7566acf715fe4e81a9bd942b923c236138a3ed8a8375f099e5d6d6?s=96&d=mm&r=g","caption":"Chelsie Wyatt"},"url":"https:\/\/www.tsfactory.com\/forums\/blog\/author\/chelsie\/"}]}},"_links":{"self":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1715","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/comments?post=1715"}],"version-history":[{"count":1,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1715\/revisions"}],"predecessor-version":[{"id":1716,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/posts\/1715\/revisions\/1716"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media\/738"}],"wp:attachment":[{"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/media?parent=1715"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/categories?post=1715"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.tsfactory.com\/forums\/wp-json\/wp\/v2\/tags?post=1715"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}