Episode Summary

HR giant Workday falls victim to ShinyHunters' sophisticated social engineering campaign, exposing how simple phone calls can bypass enterprise-grade security. Host Lucy Harper breaks down the attack methods and provides actionable defence strategies for UK businesses facing this escalating threat.

What You'll Learn

• How the ShinyHunters group uses voice phishing to breach major corporations including Workday, Google, and Adidas
• The technical methods behind social engineering attacks targeting Salesforce and CRM systems
• Why UK SMEs face higher risk and the four hundred thousand pound ransom already paid by one victim
• Four immediate action steps to protect your business from sophisticated voice phishing campaigns
• Advanced OAuth security measures and connected application monitoring strategies

Critical Statistics Mentioned

• Over 11,000 organisations use Workday services, including sixty percent of Fortune 500 companies
• Four hundred thousand pounds ransom payment made by one company to prevent data leak
• Ten-day delay between Workday's breach discovery and public disclosure
• August 6th discovery date versus August 16th disclosure timeline
• Multiple major corporations targeted including Adidas, Google, Qantas, Allianz Life, Louis Vuitton, Dior, Tiffany & Co, and Chanel
• Eight-digit connection codes used by criminals to link malicious data extraction tools
• Third-party CRM platform compromised rather than core Workday systems
• English-speaking employees specifically targeted at multinational corporations

Key Sources & References

• BleepingComputer: Workday breach disclosure and ShinyHunters campaign details
• Google Threat Intelligence Group: UNC6040 vishing campaign analysis
• Malwarebytes: Comprehensive analysis of Salesforce social engineering attacks
• GBHackers: Workday data breach technical details and impact
• Computer Weekly: ShinyHunters campaign methodology and attribution
• Salesforce Ben: Google breach confirmation and industry impact analysis
• ShadowOpsIntel: Chanel breach details and OAuth security implications
• Medium: Technical analysis of UNC6040 attack patterns and infrastructure
• Cybersecurity Dive: Malicious Salesforce tool abuse and extortion tactics

Episode Sponsor

Equate Group - Comprehensive cybersecurity and IT services specialising in social engineering defence training, security operations centre monitoring, and OAuth application security auditing.

Your Next Steps

Implement immediate social engineering verification protocols across your organisation today. Audit all connected applications with administrative access, particularly CRM and cloud platforms. Establish multi-person approval processes for new application integrations. If your business lacks dedicated cybersecurity expertise, professional social engineering defence training becomes essential.

Source Verification Standards

All sources cited in this episode have been fact-checked and verified through multiple authoritative channels. Cybersecurity research firms and threat intelligence groups serve as primary sources for attack methodology and attribution. Financial figures are cross-referenced through industry security publications. UK-specific risk assessment prioritises government and established UK cybersecurity guidance.

Disclaimer

This episode provides general guidance only. Always consult qualified cybersecurity professionals before making critical infrastructure changes. Content is based on independent research and industry best practices.🎧 Subscribe for daily cybersecurity updates

👍 Like this episode if it helped you prepare

Production: Small Business Cyber Security Guy Production

Host: Lucy Harper

Sponsor:

All rights reserved