Figure Technology, a prominent blockchain-based lending platform, has acknowledged a data breach incident. The breach, as reported by TechCrunch, was the result of a social engineering attack on an employee, leading to the unauthorized access and theft of a limited number of files.
In response, Figure’s spokesperson, Alethea Jadick, stated that the company is actively collaborating with partners and affected individuals. As a measure of support, Figure is offering free credit monitoring services to all impacted parties upon notification.
While specific details about the extent of the breach remain undisclosed, the hacking group ShinyHunters has claimed responsibility for the incident. The group, known for data breaches, revealed that Figure’s refusal to meet their ransom demands resulted in the disclosure of 2.5 gigabytes of allegedly stolen data.
The compromised data reportedly included personal details such as customers’ full names, home addresses, dates of birth, and phone numbers. ShinyHunters also disclosed to TechCrunch that Figure was part of a larger hacking operation targeting users of the single sign-on provider Okta, with other victims including prestigious institutions like Harvard University and the University of Pennsylvania (UPenn).
Source: TechCrunch