Overview
- Figure says an employee was socially engineered, enabling unauthorized download of a limited set of customer files.
- Samples reviewed by reporters show exposed PII including full names, home addresses, dates of birth, and phone numbers.
- ShinyHunters claims responsibility, says a ransom was refused, and has published roughly 2.5GB of alleged data online.
- Figure reports it blocked the activity, engaged a forensic firm, and is notifying affected individuals with free credit monitoring.
- A ShinyHunters member links the intrusion to an Okta single sign-on targeting campaign, a claim that has not been independently confirmed; the number of impacted customers remains undisclosed.