Figure Technology Confirms Customer Data Breach After Social Engineering Attack

TheNewsCryptoPublicado a 2026-02-14Actualizado a 2026-02-14

Resumen

Figure Technology, a blockchain-based lending firm, has confirmed a data breach resulting from a social engineering attack. Hackers tricked an employee into providing access, leading to the theft of approximately 2.5 GB of customer data, including names, addresses, birth dates, and phone numbers. The group ShinyHunters claimed responsibility and released the data after the company refused to pay a ransom. No financial information or passwords were confirmed to be compromised. The company has launched an investigation, notified affected customers, and is offering free credit monitoring. Cybersecurity experts emphasize that such attacks target human vulnerabilities rather than technical flaws.

Figure Technology, a publicly traded blockchain-based lender company, has confirmed that hackers gained access to customer information by tricking an employee through a social engineering scheme. As per the report from TechCrunch, attackers claimed that they had released 2.5 gigabytes of stolen data after the company refused to pay a ransom.

How did the hack happen?

One of the staff members was manipulated by an outside actor, which allowed the attacker to download the files using the employee’s legitimate account. According to the company, the suspicious activity was blocked quickly, and forensic investigations have been launched. A report from TechCrunch said that the stolen files may include full names, home addresses, dates of birth, and phone numbers. Still, there is no confirmation that the passwords or financial assets were accessed.

The cybercrime group ShinyHunters claims responsibility, and one alleged member said that the breach is part of the wider campaign targeting organizations that use the identity and login provider Okta. The group alleged that it had released about 2.5 GB of data after the company refused the ransom demands. The company says that it is now notifying affected individuals and offering free credit monitoring with strong internal security controls.

Expert’s Advice

Cybersecurity experts warn that social engineering attacks don’t break the software; instead, they trick humans, and criminals may pretend to be IT staff and send fake approval requests with some urgent messages to pressure the victims. Once the access is granted, they operate as legitimate users. Right now, investigators are still working to confirm which file has been stolen and how many people are affected. So further updates are expected once the forensic review is complete.

Highlighted Crypto News:

KuCoin Institutional Premiere 2026 Highlights Long-Term Growth and Market Resilience

Preguntas relacionadas

QWhat type of attack did Figure Technology experience that led to the customer data breach?

AFigure Technology experienced a social engineering attack where hackers tricked an employee to gain access to customer information.

QWhich cybercrime group claimed responsibility for the attack on Figure Technology?

AThe cybercrime group ShinyHunters claimed responsibility for the attack.

QWhat specific customer information was potentially exposed in the data breach according to the TechCrunch report?

AAccording to the TechCrunch report, the stolen files may include full names, home addresses, dates of birth, and phone numbers.

QWhat action did the attackers take after the company refused to pay the ransom?

AAfter the company refused to pay the ransom, the attackers claimed to have released about 2.5 gigabytes of stolen data.

QWhat is the company doing to assist the affected individuals following the breach?

AThe company is notifying affected individuals and offering them free credit monitoring.

Lecturas Relacionadas

Bitcoin Bearish Flag Is Still In Play, So Price Could Crash Again

Crypto analyst Captain Faibik warns that despite Bitcoin's recent surge above $70,000 and a brief rally to $73,000, the market remains in a bearish trend. He suggests the current uptrend is temporary and driven by a liquidity grab, potentially peaking between $77,000-$78,000. Following this, a 20% correction could occur, pushing the price down to the $54,000-$56,000 range, which would establish a new cycle low below the current $60,000 support. While bearish on Bitcoin, the analyst remains optimistic about altcoins, allocating 30% of his funds there. He advises investors to wait for confirmation before making moves.

bitcoinistHace 36 min(s)

Bitcoin Bearish Flag Is Still In Play, So Price Could Crash Again

bitcoinistHace 36 min(s)

Brother Sun "Rights Protection" Stands Up Against the Trump Family, WLFI Is the Real Scythe in the Crypto Circle

The article details the controversy surrounding World Liberty Financial (WLFI), a cryptocurrency project linked to the Trump family. It reports that WLFI allegedly used the DeFi lending protocol Dolomite, whose co-founder is also a WLFI advisor, as a disguised channel to sell tokens by collateralizing around 5 billion WLFI tokens to borrow approximately $75 million in stablecoins. Despite WLFI's claims that the loans were for ecosystem development and posed no liquidation risk, critics argue it was a way for insiders to cash out, shifting risk to retail investors. The piece highlights WLFI's significant price decline—over 66% since its September 2025 launch—and suggests the Trump family and insiders are the main source of selling pressure, as they control nearly 74% of the token supply. It also revisits WLFI’s prior move to blacklist 272 addresses, including those of investor Justin Sun, under the pretext of preventing large-scale sell-offs, which now appears to be an effort to reduce competition for their own sales. Sun publicly accused WLFI of exploiting users, freezing assets, and treating the crypto community as a "personal ATM." WLFI countered by threatening legal action. The author notes that while Sun’s criticism may gain sympathy, a legal battle in the U.S. against the well-connected Trump family would be risky for him. Finally, the article concludes that WLFI exemplifies how powerful elites can exploit crypto’s regulatory gray areas for profit, and urges the community to reject such projects driven more by political privilege than genuine decentralized finance ideals.

Odaily星球日报Hace 50 min(s)

Brother Sun "Rights Protection" Stands Up Against the Trump Family, WLFI Is the Real Scythe in the Crypto Circle

Odaily星球日报Hace 50 min(s)

Tsinghua's Prediction 2 Years Ago Is Becoming Global Consensus: Meta and Two Other Major AI Institutions Have Reached the Same Conclusion

Summary: In a remarkable validation of Chinese AI research, Meta and METR have independently reached conclusions that align perfectly with the "Density Law" proposed by a Tsinghua University and FaceWall Intelligent team two years ago. Published in Nature Machine Intelligence in late 2025, the law states that the computational power required to achieve a specific level of AI performance halves every 3.5 months. This convergence was starkly evident in April 2026. METR reported that AI capabilities are doubling every 88.6 days, while Meta's new model, Muse Spark, demonstrated it could match the performance of a model from the previous year using less than one-tenth of the training compute. When plotted, the growth curves from all three sources—using different metrics (parameters, compute, task length)—show an almost identical exponential slope. The findings have profound implications: AI inference costs are collapsing faster than anticipated, powerful edge-computing AI is becoming rapidly feasible, and the industry's strategy of simply scaling model size is becoming economically inefficient. The Chinese team, which has been building its "MiniCPM" model series based on this law since 2024, is seen as having a significant two-year lead in practical engineering experience, marking a rare instance where Chinese researchers pioneered a fundamental predictive trend in AI.

marsbitHace 54 min(s)

Tsinghua's Prediction 2 Years Ago Is Becoming Global Consensus: Meta and Two Other Major AI Institutions Have Reached the Same Conclusion

marsbitHace 54 min(s)

Claude's Intelligence Decline: Suicide or Playing Dead?

Recent reports indicate that Claude Opus 4.6, Anthropic's flagship model, has experienced a significant decline in performance, with its global ranking dropping from 2nd to 10th on BridgeBench. Accuracy fell sharply from 83.3% to 68.3%, while the hallucination rate nearly doubled. Users expressed frustration over the model's reduced capability for complex tasks. However, leaked internal screenshots suggest Anthropic is shifting focus toward a broader strategy: developing Claude Projects, a full-stack application builder. This platform allows users to create functional applications—such as AI chatbots, interactive games, and SaaS dashboards—with minimal coding, potentially making traditional programming obsolete. Anthropic’s move appears to prioritize platform ecosystem development over model leaderboard rankings. With annual revenue reaching $30 billion, largely from API usage, the company aims to reduce dependency on commoditized AI models by creating a sticky, integrated environment where users build and deploy directly within its ecosystem. This strategic pivot reflects a broader industry trend where becoming an indispensable infrastructure matters more than having the highest-performing model in benchmarks.

marsbitHace 1 hora(s)

Claude's Intelligence Decline: Suicide or Playing Dead?

marsbitHace 1 hora(s)

In-Depth Reconstruction of the $285 Million Drift Hack: How Should DeFi Governance Move Beyond "Amateur Hour"?

On April 1, 2026, Drift Protocol, the largest perpetual futures DEX on Solana, suffered a catastrophic hack resulting in a loss of $285 million. The attack, attributed to a sophisticated social engineering campaign rather than a technical exploit, unfolded over several months. Hackers first infiltrated Drift’s internal circles by posing as a legitimate market maker, building trust over time. They then exploited Solana’s "Durable Nonce" feature to trick core team members into blindly signing transactions that granted administrative control. A critical vulnerability was introduced when Drift migrated to a 2/5 multisig structure without a timelock, allowing instant execution of privileged transactions with just two signatures. The attackers finally triggered the attack by adding a fake token (CVT) to the whitelist, manipulating its oracle price, and using it as collateral to drain the protocol’s treasury. The incident highlights fundamental flaws in DeFi governance, including overreliance on multisig mechanisms that lack intent verification and are vulnerable to social engineering. It underscores the misalignment between retail-grade security tools and institutional-scale treasury management. The hack signals the need for a security paradigm shift in DeFi, including adoption of Hardware Security Modules (HSMs) for key management, intent-based policy engines for transaction validation, and professional third-party custody solutions to ensure institutional-grade safety.

marsbitHace 1 hora(s)

In-Depth Reconstruction of the $285 Million Drift Hack: How Should DeFi Governance Move Beyond "Amateur Hour"?

marsbitHace 1 hora(s)

Trading

Spot

Futuros