Figure Technology Suffers Major Data Breach Following Social Engineering Attack

13.02.2026
Figure Technology Suffers Major Data Breach Following Social Engineering Attack

Figure Technology, a prominent blockchain-based fintech lending platform, has officially confirmed a significant data breach incident. The company disclosed that the security compromise originated from a social engineering attack that successfully deceived an employee, enabling threat actors to exfiltrate a limited number of confidential files.

According to the company's official statement, Figure is actively collaborating with security partners and affected individuals, offering complimentary credit monitoring services to all impacted parties who receive breach notification. However, the organization has declined to provide detailed information regarding the scope and specific technical aspects of the incident.

ShinyHunters Claims Responsibility

The notorious hacking collective ShinyHunters has claimed responsibility for the breach through their official dark web leak platform. The threat actors alleged that Figure Technology refused to comply with ransom demands, prompting them to publish approximately 2.5 gigabytes of allegedly stolen data on underground forums.

Analysis of the leaked dataset revealed it contains sensitive personally identifiable information (PII), including:

• Customers' full legal names
• Residential addresses
• Dates of birth
• Contact phone numbers

Connection to Broader Okta-Related Campaign

A representative from ShinyHunters indicated that Figure Technology was compromised as part of a larger-scale hacking campaign targeting organizations utilizing Okta's single sign-on (SSO) infrastructure. This sophisticated operation has affected multiple high-profile institutions, including Harvard University and the University of Pennsylvania (UPenn), demonstrating the widespread impact of supply chain vulnerabilities in authentication systems.

This incident underscores the critical importance of comprehensive security awareness training and multi-layered defense strategies, particularly for organizations handling sensitive financial data in the fintech sector.

Sources:
Google Cloud: ShinyHunters SaaS Data Theft Campaign

Tags: fintech cybersecurity data breach social engineering ShinyHunters
Share: VK Telegram Twitter
🔔 Stay tuned and subscribe →
Telegram
Previous Next
52 views

Related news

US Investors Initiate International Arbitration Against South Korea Over Coupang Data Breach Investigation
US Investors Initiate International Arbitration Against South Korea Over Coupang Data Breach Investigation

12.02.2026

Hacktivist Exposes 500K+ Payment Records from Stalkerware Provider in Major Data Breach
Hacktivist Exposes 500K+ Payment Records from Stalkerware Provider in Major Data Breach

09.02.2026

Epstein's Outlook Account Compromised: Reddit Users Exploit Credentials Found in FBI Documents
Epstein's Outlook Account Compromised: Reddit Users Exploit Credentials Found in FBI Documents

04.02.2026

Marquis Blames SonicWall Breach for Ransomware Attack and Data Theft
Marquis Blames SonicWall Breach for Ransomware Attack and Data Theft

02.02.2026

Try these AI tools

crew
crew

Build multi‑agent AI workflows with 1200+ integrations, enterprise security, monitoring, and flexibl...

3
Deepengine
Deepengine

Deepengine delivers automated attack surface management, vulnerability scanning, pen testing, and co...

2
TOGGLE AI
TOGGLE AI

Experience AI-driven investment insights and analysis with TOGGLE AI's powerful fintech platform.

2
Popular today
  1. 1
    OpenAI Introduces Frontier: Enterprise-Grade AI Agent Management Platform 262 views
  2. 2
    OpenAI Dissolves Mission Alignment Team Amid Organizational Restructuring 120 views
  3. 3
    Critical Data Breach: Openclaw Bot Exposes User Credentials Through Unprotected... 119 views
  4. 4
    Xiaomi Launches Smart AI-Powered Head Massage Comb with Heating and Personalized... 117 views
  5. 5
    Apeiron Labs Secures $9.5M Series A to Deploy Fleet of Autonomous Underwater Veh... 106 views
More from category "Cybersecurity"
Our projects
FontDetector Pro
FontDetector Pro
FontDetector Pro is a handy tool for finding, comp...
N8N Master
N8N Master
Supercharge Your n8n Experience with n8n Master –...
Back to news