They have a huge amount of federal contracts. This will be interesting.

This seems like a nothingburger? By all accounts it seems like their salesforce database that got breached, which means realistically means contact details for key decision makers that they're trying to sell to (think CEO, CFO, head of HR, etc.). Don't get me wrong, all things being equal I'd prefer the leak to not have happened, but whatever contact info is in the database probably was already semi-public, given some salesperson at workday had to find it to enter it in the first place.

>Then there’s this spicy little detail from TechCrunch: the company’s blog post announcing the breach has a “noindex tag” in the source code, which signals to search engine crawlers not to index the page so it won’t come up in search results.

This is trivially disproven by clicking on an unrelated story[1] and seeing that it also has the <meta name="robots" content="nofollow, noindex"/> tag.

[1] https://blog.workday.com/en-us/our-commitment-to-our-europea...

    The company said the breach hit some of its third-party customer relationship databases. If any other data was stolen, Workday didn’t say for sure. The company only said there was “no indication of access to customer tenants or the data” within those databases

So that would be customer data of the admin / HR team at their customers, but not all the users, so while not good, it's not going to directly give really sensitive data; most likely to be used for further phishing attacks.

The real story here is that gizmodo is still a going concern.

Google did a very good writeup on this type of Salesforce phishing attack: https://cloud.google.com/blog/topics/threat-intelligence/voi...

Great! Can all companies please put this data in their own databases so we don't need to fill the same data for every single company please??