Blockchain Lender Figure Technology Hit by Customer Data Leak
A fresh cybersecurity incident has placed Figure Technology under scrutiny after hackers released customer information on the dark web, forcing the fintech lender into emergency response mode.
Key Takeaways
- Figure suffered a data breach after hackers used social engineering to access an employee account.
- ShinyHunters leaked about 2.5GB of customer data, including personal details.
- The company is investigating and offering free credit monitoring to affected users.
The breach traces back to a targeted social engineering scheme aimed at a company employee. By manipulating internal access credentials, attackers were able to enter a legitimate account and extract internal files before the intrusion was detected. The company says only a limited dataset was accessed, though a forensic review is still underway to verify the scope.
Hackers Claim Broader Campaign
The cybercrime group ShinyHunters has taken credit for the attack. After alleging that ransom negotiations failed, the group published roughly 2.5GB of data through its dark web channels. Samples reviewed by security researchers suggest the leak contains highly sensitive personal details, including full names, residential addresses, birth dates and phone numbers.
In its public statements, ShinyHunters framed the breach as part of a wider offensive against organizations relying on Okta for single sign-on authentication. The group has also referenced incidents involving Harvard University and the University of Pennsylvania, though those claims have not been fully detailed.
Containment and Damage Control
Figure says it moved quickly once irregular account behavior was flagged, shutting down the compromised access point and bringing in an external digital forensics firm. The company is now notifying affected individuals and coordinating with partners to limit downstream risk.
As part of its response, Figure is offering complimentary credit monitoring to customers who receive formal breach notifications. The firm maintains that no evidence currently suggests widespread financial account compromise, but it has not ruled out further findings as the investigation develops.
Investors Look Past the Headlines
Interestingly, the market reaction did not mirror the severity of the news cycle. Shares of Figure (FIGR) closed higher on the day of the announcement, rising more than 3% to $35.29. That rebound comes despite a steep slide over the past month, during which the stock has lost roughly a third of its value.
The episode underscores how human-targeted attacks remain one of the weakest links in corporate cybersecurity frameworks. Even firms with advanced authentication systems can be exposed when attackers successfully exploit trust rather than technology.
The information provided in this article is for educational purposes only and does not constitute financial, investment, or trading advice. Coindoo.com does not endorse or recommend any specific investment strategy or cryptocurrency. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.
Alex is an experienced financial journalist and cryptocurrency enthusiast. With over 8 years of experience covering the crypto, blockchain, and fintech industries, he is well-versed in the complex and ever-evolving world of digital assets. His insightful and thought-provoking articles provide readers with a clear picture of the latest developments and trends in the market. His approach allows him to break down complex ideas into accessible and in-depth content. Follow his publications to stay up to date with the most important trends and topics.
