SAP Knowledge Base Article - Public

2622279 - Fancy Bear (APT28) cyber attacks | SAP SuccessFactors considerations


  • We would like be made aware of any threats against 'APT28' in our SuccessFactors environments;
  • Does Fancy Bear Group represents any risk to SuccessFactors?
  • Has any SuccessFactors data leaked or broken by APT28 attacks?


SAP SuccessFactors HXM Suite


  • SAP and its subsidiaries are aware of recent publications with regards to a group known as “APT28” (also known as Fancy Bear, Pawn Storm, Sednit, Sofacy Group, and STRONTIUM).
  • In light of heightened IT cybersecurity threats, SAP is focusing on safeguarding the integrity and security of its customers’ business operations and information. Currently, we have no evidence that any SAP managed services are affected by the “APT28” threat but we will continue to thoroughly investigate the issue.
  • In case SAP discovers a Security Breach caused by this threat, SAP will notify affected customers without delay and in accordance with the contractually agreed processes.
  • Further information on security at SAP can be found at:


Cyber, Attack, Security,  APT28, Fancy Bear, Pawn Storm, Sednit, Sofacy Group, STRONTIUM , KBA , LOD-SF-PLT-SEC , Security Reports , LOD-SF-PLT , Platform Foundational Capabilities , How To


SAP SuccessFactors HXM Suite all versions