Blockchain Lender Figure Technology Hit by Customer Data Leak

Key Takeaways

• Figure suffered a data breach after hackers used social engineering to access an employee account.
• ShinyHunters leaked about 2.5GB of customer data, including personal details.
• The company is investigating and offering free credit monitoring to affected users.

The breach traces back to a targeted social engineering scheme aimed at a company employee. By manipulating internal access credentials, attackers were able to enter a legitimate account and extract internal files before the intrusion was detected. The company says only a limited dataset was accessed, though a forensic review is still underway to verify the scope.

Hackers Claim Broader Campaign

The cybercrime group ShinyHunters has taken credit for the attack. After alleging that ransom negotiations failed, the group published roughly 2.5GB of data through its dark web channels. Samples reviewed by security researchers suggest the leak contains highly sensitive personal details, including full names, residential addresses, birth dates and phone numbers.

In its public statements, ShinyHunters framed the breach as part of a wider offensive against organizations relying on Okta for single sign-on authentication. The group has also referenced incidents involving Harvard University and the University of Pennsylvania, though those claims have not been fully detailed.

Containment and Damage Control

Figure says it moved quickly once irregular account behavior was flagged, shutting down the compromised access point and bringing in an external digital forensics firm. The company is now notifying affected individuals and coordinating with partners to limit downstream risk.

As part of its response, Figure is offering complimentary credit monitoring to customers who receive formal breach notifications. The firm maintains that no evidence currently suggests widespread financial account compromise, but it has not ruled out further findings as the investigation develops.

Investors Look Past the Headlines

Interestingly, the market reaction did not mirror the severity of the news cycle. Shares of Figure (FIGR) closed higher on the day of the announcement, rising more than 3% to $35.29. That rebound comes despite a steep slide over the past month, during which the stock has lost roughly a third of its value.

The episode underscores how human-targeted attacks remain one of the weakest links in corporate cybersecurity frameworks. Even firms with advanced authentication systems can be exposed when attackers successfully exploit trust rather than technology.

The information provided in this article is for educational purposes only and does not constitute financial, investment, or trading advice. Coindoo.com does not endorse or recommend any specific investment strategy or cryptocurrency. Always conduct your own research and consult with a licensed financial advisor before making any investment decisions.

The post Blockchain Lender Figure Technology Hit by Customer Data Leak appeared first on Coindoo.