Nearly 1 million user records were exposed in a breach at blockchain-powered lender Figure Technology Solutions after an employee fell victim to a social engineering attack. The ShinyHunters group claimed responsibility and published more than 2.4GB of stolen files, with Have I Been Pwned identifying roughly 967,000 affected Figure records, including names, dates of birth, email and postal addresses, and phone numbers. #ShinyHunters #FigureTechnologySolutions
Keypoints
- Roughly 967,000 Figure user records were identified in the leaked data.
- Exposed information includes names, dates of birth, email addresses, postal addresses, and phone numbers.
- Attackers gained access after an employee fell for a social engineering attack targeting SSO credentials.
- ShinyHunters posted over 2.4GB of alleged stolen Figure data on its Tor-based leak site.
- ShinyHunters linked the incident to a broader Okta voice-phishing campaign that hit other companies like Betterment, Crunchbase, and Panera Bread.
Read More: https://www.securityweek.com/nearly-1-million-user-records-compromised-in-figure-data-breach/