Fintech Firm Figure Discloses Data Breach Following Phishing Attack

Fintech Firm Figure Discloses Data Breach Following Phishing Attack 🚨

Fintech firm Figure has confirmed a data breach after hackers used social engineering to trick an employee and steal a limited number of files. The blockchain-based lending firm revealed that the incident allowed hackers to access and steal sensitive information.

According to a company spokesperson, the breach occurred when an employee fell victim to a social engineering attack. Figure Technology Solutions, Inc., established in 2018, develops and operates blockchain-based platforms used in lending, capital markets, and asset management.

The company disclosed the breach following inquiries and is currently assessing the impact. On Friday, Figure spokesperson Alethea Jadick informed TechCrunch that the security breach allowed hackers to steal “a limited number of files.” She mentioned that the company is communicating with partners and those impacted, offering free credit monitoring to all individuals who receive a notice.

Figure has started notifying affected individuals and has not disclosed the number of impacted users or when the breach was discovered.

The cybercrime group ShinyHunters claimed responsibility for the breach on its dark web site, stating that Figure refused to pay a ransom and released about 2.5GB of stolen data. TechCrunch reviewed samples showing names, addresses, birth dates, and phone numbers, raising risks of identity fraud and phishing. Additionally, a member of ShinyHunters mentioned that Figure was among the victims of a hacking campaign targeting customers who rely on the single sign-on provider Okta.

For more details, Read full article.