ExchangeDEX+

Buy Crypto Markets Spot FuturesGOLD Earn Event Center

Blockchain-based lending firm Figure Technology confirmed on Friday, February 13, 2026, that it experienced a customer data breach following a social engineeringBlockchain-based lending firm Figure Technology confirmed on Friday, February 13, 2026, that it experienced a customer data breach following a social engineering

Blockchain-based Lending Firm Confirms Customer Data Breach

Author: Ethnews

Source: Ethnews

2026/02/14 20:52

2 min read

For feedback or concerns regarding this content, please contact us at [email protected]

Blockchain-based lending firm Figure Technology confirmed on Friday, February 13, 2026, that it experienced a customer data breach following a social engineering attack targeting one of its employees.

The hacking group ShinyHunters claimed responsibility, alleging it released approximately 2.5 gigabytes of stolen data after the company declined to pay a ransom.

The incident adds to a broader wave of credential-based intrusions affecting organizations using third-party authentication systems.

How the Breach Occurred

According to company statements, the breach began when an employee was manipulated into granting unauthorized access. The attacker was able to download a “limited number of files” through the compromised account.

Figure spokesperson Alethea Jadick said the suspicious activity was detected and blocked shortly after it began. The company engaged a forensic investigation firm to assess the scope of the exposure and identify precisely which files were accessed.

The leaked materials reviewed by investigators and media outlets reportedly include sensitive personal data such as:

Full names
Home addresses
Dates of birth
Phone numbers

The extent of financial data exposure has not been publicly detailed.

Broader Campaign Linked to Okta Users

A member of ShinyHunters claimed the incident is part of a larger campaign targeting organizations that use Okta single sign-on services.

Other institutions reportedly affected in the same campaign include Harvard University and University of Pennsylvania. While the specific technical vectors may vary by organization, the pattern suggests attackers are exploiting credential access workflows rather than breaching core infrastructure directly.

Company Response and Mitigation

Figure stated that it has initiated direct outreach to partners and individuals potentially impacted by the breach. The company is offering free credit monitoring services to anyone who receives a formal notification.

Additionally, the firm has engaged cybersecurity specialists to strengthen internal safeguards and evaluate system vulnerabilities exposed during the incident.

Structural Implications

The attack underscores the persistent risk posed by social engineering, particularly in organizations handling sensitive financial data. Even when core systems remain uncompromised, employee-level credential access can create meaningful exposure.

As investigations continue, the primary focus will remain on containment, customer notification, and reinforcing authentication protocols to prevent similar incidents in the future.

The post Blockchain-based Lending Firm Confirms Customer Data Breach appeared first on ETHNews.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Tags:

#ETF #Lending