According to reports, Figure Technology has confirmed that its employees were tricked into having some customer files stolen. The company said the intrusion occurred when an internal account was used to download a limited batch of records. This breach was not caused by a flaw in the blockchain system, but by human error.
Reports said the stolen materials were later posted online by a group of hackers who claimed responsibility. The group is said to have released approximately 2.5GB of data after ransom negotiations broke down. This public waste quickly gained attention across the cryptocurrency and fintech space.
Customer name and contact information in the spill
Based on a report that examined a sample of the leaked files, the leaked data includes names, home addresses, dates of birth, and phone numbers. These are the types of details commonly used in identity fraud and targeted fraud.
The exact number of customers affected was not disclosed. The lack of this number leaves uncertainty about how large the fallout will be.
Security researchers have warned that even if bank accounts or cryptocurrency wallets have not been touched, personal data alone can pose serious risks. These types of breaches are often followed by phishing calls, fake loan offers, and account takeover attempts.
Total crypto market cap at $2.34 trillion on the daily chart: TradingView
Illustration hit by social engineering attack
Reports of the incident say the attackers used social engineering techniques to gain access to employee credentials or active sessions. Instead of breaking the code, they relied on deception. Once inside, the files were downloaded through the employee’s permissions.
The company said it detected suspicious activity and moved to block it. External forensic experts were brought in to examine system logs and determine what was accessed. A broader internal review is also underway.
Image: CybersecAsia
ShinyHunters claimed responsibility for the breach on the leaked site. The group has been implicated in past data breaches involving technology and financial companies. In this case, the data was released because the payment request was reportedly rejected.
Figure said the information would notify the customers involved. Free credit monitoring services are provided to those who receive formal notification. Affected individuals are advised to be on the lookout for unusual activity or unsolicited messages.
Security of funds and core services
The report said no lending operations or on-chain systems were compromised. The platform’s core financial infrastructure is not listed as being affected. Still, the disclosure of personal records carries some weight.
Financial companies remain frequently targeted because they maintain detailed customer files. A single employee account that falls into the wrong hands can open more doors than you expected. That lesson resurfaced here.
Regulators may seek further details in the coming weeks. Customers are waiting for clearer numbers. The long-term costs, both financial and reputational, depend on how widely data is disseminated and how quickly protective measures are taken.
Featured image from Yahoo Finance, chart from TradingView
editing process for bitcoinist is focused on providing thoroughly researched, accurate, and unbiased content. We adhere to strict sourcing standards, and each page is carefully reviewed by our team of top technology experts and experienced editors. This process ensures the integrity, relevance, and value of your content to your readers.
