Human Resources platform Workday says it was targeted by a social engineering hack in which attackers extracted contact info and other information about clients.
Workday says bad actors contacted employees while pretending to be members of their organization's HR or IT group.
Compromised materials included contact information like names, phone numbers and email addresses. Workday says the information was extracted from a third-party platform it uses, but says "There is no indication of access to customer tenants or the data within them."
Workday says the stolen information could be useful if the attackers make further social engineering efforts against other targets.
The company has put new security measures in place following the incident and reminds customers that the only way it will ask for secure details about accounts is through its existing support channels.
RELATED STORY | Microsoft warns of active attacks on SharePoint file sharing servers
Workday provides Human Resources tools and other services for more than 11,000 companies, totaling more than 70 million users.
