Workday, a leading human resources software provider, disclosed a data breach resulting from a social engineering attack targeting one of its third-party customer relationship management (CRM) platforms. Hackers accessed and stole an unspecified amount of personal information, including names, email addresses, and limited business contact details. The attackers reportedly impersonated members of organizations' HR or IT groups to deceive Workday employees. The breach is believed to be linked to the ShinyHunters group, which has been involved in recent Salesforce-related cyberattacks. While Workday has downplayed the overall impact of the incident, it acknowledged that data was taken. Additionally, reports indicate that Workday attempted to limit public disclosure of the breach by restricting search engine indexing. The incident highlights ongoing cybersecurity challenges faced by HR platforms amid increasing social engineering tactics targeting CRM systems.