SAP Knowledge Base Article - Public

2622279 - Questions relating to recent cyber attacks


We would like be made aware of any threats against 'APT28' in our SuccessFactors instance




  • SAP and its subsidiaries are aware of recent publications with regards to a group known as “APT28” (also known as Fancy Bear, Pawn Storm, Sednit, Sofacy Group, and STRONTIUM).
  • In light of heightened IT cybersecurity threats, SAP is focusing on safeguarding the integrity and security of its customers’ business operations and information. Currently, we have no evidence that any SAP managed services are affected by the “APT28” threat but we will continue to thoroughly investigate the issue.
  • In case SAP discovers a Security Breach caused by this threat, SAP will notify affected customers without delay and in accordance with the contractually agreed processes.
  • Further information on security at SAP can be found at:


Cyber, Attack, Security,  APT28, Fancy Bear, Pawn Storm, Sednit, Sofacy Group, STRONTIUM , KBA , LOD-SF-PLT , Foundational Capabilities & Tools , LOD-SF-PLT-SEC , Security & Permissions , Problem


SAP SuccessFactors HCM Suite all versions