Workiva Data Breach (2025)

"Workiva, a leading cloud-based SaaS (Software as a Service) provider, notified its customers that attackers who gained access to a third-party customer relationship management (CRM) system stole some of their data. The company's cloud software helps collect, connect, and share data for financial reports, compliance, and audits. It had 6,305 customers at the end of last year and reported revenues of $739 million in 2024. Its customer list includes 85% of the Fortune 500 companies and high-profile clients such as Google, T-Mobile, Delta Air Lines, Wayfair, Hershey, Slack, Cognizant, Santander, Nokia, Kraft Heinz, Wendy's, Paramount, Air France KLM, Mercedes-Benz, and more. According to a private email notification sent to affected Workiva customers last week and seen by BleepingComputer, the threat actors exfiltrated a limited set of business contact information, including names, email addresses, phone numbers, and support ticket content. "This is similar to recent events that have targeted several large organizations. Importantly, the Workiva platform and any data within it were not accessed or compromised," the company explained. "Our CRM vendor notified us of unauthorized access via a connected third-party application.""