Major Data Breach at Figure Technology Exposes Sensitive Customer Information
In a significant cybersecurity incident, Figure Technology, a prominent blockchain-based lending firm, has confirmed a data breach resulting in the exposure of sensitive customer information. The breach was initiated through a sophisticated social engineering attack that deceived an employee, granting unauthorized access to the company’s internal systems.
The cybercriminal group known as ShinyHunters has claimed responsibility for the attack. After Figure Technology declined to meet their ransom demands, ShinyHunters released approximately 2.5 gigabytes of data on the dark web. This dataset reportedly includes customers’ full names, home addresses, dates of birth, and phone numbers.
A spokesperson for Figure Technology, Alethea Jadick, stated that the company is actively communicating with affected partners and individuals. They are offering complimentary credit monitoring services to those impacted by the breach. However, specific details regarding the number of affected customers and the exact nature of the compromised data have not been disclosed.
This incident is part of a broader hacking campaign targeting organizations that utilize Okta’s single sign-on services. Other notable victims include Harvard University and the University of Pennsylvania. These attacks underscore the vulnerabilities associated with centralized authentication systems and highlight the need for enhanced security measures.
The breach at Figure Technology raises significant concerns about data security within the fintech sector. As financial institutions increasingly adopt digital solutions, they become more attractive targets for cybercriminals. This incident serves as a stark reminder of the importance of robust cybersecurity protocols and continuous vigilance to protect sensitive customer information.
