en.bitcoinsistemi.com
Blockchain-based lending company Figure Technology has confirmed a data breach. The company stated that the attack occurred as a result of an employee being tricked through social engineering.
According to Figure spokesperson Alethea Jadick, who spoke to TechCrunch, the attackers obtained a “limited number of files” using this method. The company stated that it is in contact with the individuals and organizations affected by the incident and will offer free credit monitoring services to all users who received notifications.
However, the company did not respond to specific questions regarding the scope of the breach and how many people were affected.
The cyberattack was claimed by ShinyHunters, a hacker group previously associated with numerous high-profile data breaches. In a message published on a dark web leaks site, the group claimed that Figure refused to pay the ransom and that they therefore released approximately 2.5 gigabytes of data to the public.
TechCrunch reported that some of the data examined contained sensitive personal information belonging to customers, such as full name, home address, date of birth, and phone number.
A person identified as a member of ShinyHunters suggested that the attack was not an isolated incident but part of a broader campaign specifically targeting organizations using the single sign-on (SSO) provider Okta.
Institutions such as Harvard University and the University of Pennsylvania (UPenn) were also allegedly victims of the same attack.
*This is not investment advice.