Figure Technology, a publicly traded blockchain-based lender company, has confirmed that hackers gained access to customer information by tricking an employee through a social engineering scheme. As per the report from TechCrunch, attackers claimed that they had released 2.5 gigabytes of stolen data after the company refused to pay a ransom.
How did the hack happen?
One of the staff members was manipulated by an outside actor, which allowed the attacker to download the files using the employee’s legitimate account. According to the company, the suspicious activity was blocked quickly, and forensic investigations have been launched. A report from TechCrunch said that the stolen files may include full names, home addresses, dates of birth, and phone numbers. Still, there is no confirmation that the passwords or financial assets were accessed.
The cybercrime group ShinyHunters claims responsibility, and one alleged member said that the breach is part of the wider campaign targeting organizations that use the identity and login provider Okta. The group alleged that it had released about 2.5 GB of data after the company refused the ransom demands. The company says that it is now notifying affected individuals and offering free credit monitoring with strong internal security controls.
Expert’s Advice
Cybersecurity experts warn that social engineering attacks don’t break the software; instead, they trick humans, and criminals may pretend to be IT staff and send fake approval requests with some urgent messages to pressure the victims. Once the access is granted, they operate as legitimate users. Right now, investigators are still working to confirm which file has been stolen and how many people are affected. So further updates are expected once the forensic review is complete.
Highlighted Crypto News:
KuCoin Institutional Premiere 2026 Highlights Long-Term Growth and Market Resilience
