Fintech Lender Figure Confirms Data Breach
Figure Technology, a company known for its blockchain-based lending solutions, has confirmed it recently experienced a data breach. The incident occurred when an employee fell victim to a sophisticated social engineering attack. This allowed unauthorized individuals to gain access to and steal a limited number of files from the company's systems.
In a statement, a spokesperson for Figure expressed commitment to assisting affected partners and individuals. The company is proactively offering complimentary credit monitoring services to everyone who receives a formal notification about their potential involvement in the breach. However, the spokesperson declined to provide specific details in response to further inquiries regarding the incident.
The hacking group known as ShinyHunters has publicly claimed responsibility for the breach. They announced their actions on their dark web leak site, stating that Figure refused to meet their ransom demands. The group subsequently published approximately 2.5 gigabytes of data they allege was stolen from Figure.
An examination of a portion of the leaked data revealed sensitive information belonging to Figure's customers. This included full names, home addresses, dates of birth, and phone numbers. This type of information poses a significant risk for identity theft and other fraudulent activities.
A representative from ShinyHunters indicated that Figure was one of several targets in a broader hacking campaign. This campaign specifically aimed at organizations utilizing the single sign-on provider Okta. Among the other high-profile victims reportedly affected by this same campaign are Harvard University and the University of Pennsylvania.
Stay Tuned to Devignitor Insights for More Updates
