Figure Technology has confirmed that some customer files were stolen after an employee was defrauded, according to reports. The company says the hack happened when an internal account was used to download a limited collection of records. The breach did not stem from a flaw in its blockchain system, but human error.
Reports say the stolen items were later posted online by a group of criminals who claimed responsibility. The group is said to have released about 2.5GB of data after allegedly unsuccessful rescue negotiations. That public outcry quickly drew attention across the crypto and fintech space.
Customer Names, Contact Information Among Disclosures
Based on updated reports of samples of the leaked files, the data exposed includes full names, home addresses, dates of birth, and phone numbers. These are the types of information that are often used in identity fraud or targeted fraud.
The exact number of affected customers has been shared publicly. That missing figure leaves uncertainty about how big the fallout could be.
Security researchers warn that even when bank accounts or crypto wallets are untouched, personal data alone can pose a serious risk. Phishing calls, fake loan offers, and account takeover attempts often follow this type of leak.
Total crypto market cap at $2.34 trillion on the daily chart: TradingView
Figure Struck by Social Engineering Attacks
According to the incident report, the attackers used a social engineering method to gain access to the employee’s credentials or active session. Instead of breaking the law, they rely on deception. Once inside, the files are downloaded using the access rights of that job.
The company said it saw suspicious things and moved to block it. Outside intelligence experts were brought in to review the system logs and determine what had been accessed. An extensive internal review is also underway.
Image: CybersecAsia
ShinyHunters has claimed responsibility for its leaked site breach. The group has been linked to previous data exposures involving technology and financial firms. In this case, the information was made public after demands for payment were reportedly rejected.
Figure said he would inform customers of the information involved. Free credit monitoring services are offered to those who receive a formal notice. Affected individuals are advised to watch out for unusual activity and unsolicited messages.
Funds and Essential Services are Secured
Reports note that lending operations and on-chain systems have not been breached. The stadium’s financial infrastructure was not described as affected. However, the disclosure of personal records has its weight.
Financial companies are always common targets because they hold detailed customer files. A single employee account, if misused, can open the door wider than expected. This lesson is also available here.
Regulators may seek more information in the coming weeks. Customers will be expecting clear numbers. The long-term costs, financial and reputational, will depend on how widespread the data is and how quickly protective measures are taken.
Featured image from Yahoo Finance, chart from TradingView
Planning process because bitcoinist focuses on delivering well-researched, accurate, and unbiased content. We maintain strict sourcing standards, and each page is diligently reviewed by our team of senior technical experts and experienced editors. This process ensures the integrity, relevance, and value of our content to our readers.
