Figure Technology, one of the biggest blockchain lending platforms, has verified that it has experienced a data breach that happened when one of its employees fell victim to a social engineering attack.
The situation played to the advantage of the hackers who illegally accessed company files, and as a result, 2.5GB of data was leaked.
The hacking organization ShinyHunters has accepted the responsibility, and they have said that the data was leaked because Figure did not act on their demands.
Meanwhile, in another attack on a decentralized finance platform, Step Finance, on the Solana blockchain, one of the users stole more than $29 million in SOL tokens.
Figure technology’s breach and response
Figure Technology has accepted that the attack occurred because one of the employees was a victim of a social engineering attack.
The attacker manipulated the employee psychologically by convincing him to have access to files in the company system.
Following the discovery of the breach, Figure immediately stopped the unauthorized access and went on to hire a forensic firm that helped to investigate the affected files.
One of the company representatives said that the company is collaborating with the involved parties and providing free credit checks to the people who were affected by the breach.
The incident was attributed to ShinyHunters, a famous black-hat hacking organization.
The figure declined to accommodate the demands of the group, and hence, 2.5GB of stolen data was released, as per the group.
In defense, Figure said the files that were compromised in the breach were not widespread, and the company has implemented measures to ensure that no more incidents occur.
With this notwithstanding, the spokesperson did not give more information about the nature of the files or the actual number of the breach.
Growing concerns over cybersecurity
The Figure incident is part of a bigger movement of cybersecurity issues within the world of technology.
The firm, in a report by Chainalysis, admitted that scams using cryptocurrencies, including social engineering, resulted in an estimated loss of 17 billion the previous year.
The emergence of AI-driven fraud and impersonation methods has contributed to the fact that such attacks are more authentic and prevalent, further exposing the companies operating in the field to greater risks.
Also, the threat of data breaches remains extremely high to businesses, where in the last year alone, more than 8,000 security incidents were reported.
According to the experts in the industry, social engineering techniques are increasingly becoming more advanced, and companies face greater difficulty in securing their sensitive data.
The attack on Figure illustrates that there is a need to have a good training and awareness program to train the employees on what to do to prevent such attacks.
Step Finance suffers significant losses
In another case, Step Finance, one of the leading applications in the Solana blockchain network, declared that its treasury wallets were breached.
Hackers had managed to steal about 261,854 SOL tokens, and it was worth close to $29 million during the theft.
The platform has verified the breach, and it is currently looking into the reason. Nevertheless, Step Finance has not revealed the nature of the breach, which was caused by smart contract vulnerability, access control, and other factors.
The site, though did not provide any specifics, but assured its users that it is seeking the help of the cybersecurity experts to solve the issue.
It is still not clear whether user funds that were not in the affected treasury wallets were compromised.
The speculation about the breach has led to panic among the community, as many of them are in need of understanding what happened concerning the incident.
Both violations point to the increasing security risks of blockchain-related companies and decentralized financial systems.
Since cyberattacks are increasingly becoming sophisticated, companies need to be keen to protect their data and systems.
The recent events in Figure Technology and Step Finance indicate that the blockchain world faces constant threats, which prove the necessity to continue spending on cybersecurity.
