Fintech lending giant Figure confirms data breach
Summary
A recent security breach revealed that hackers, identified as ShinyHunters, accessed a limited number of files by infiltrating an employee's account. The company is addressing the incident to enhance its cybersecurity measures and protect sensitive information.
Key Insights
Who are ShinyHunters?
ShinyHunters is a notorious black-hat criminal hacker and extortion group formed around 2019, known for data theft and extortion campaigns targeting enterprises, often using voice phishing (vishing), social engineering, and OAuth abuse in SaaS platforms like Salesforce to steal sensitive data from multiple victims.
Sources:
[1]
How do ShinyHunters typically infiltrate company accounts?
ShinyHunters commonly uses voice phishing (vishing) by impersonating IT support to trick employees into providing credentials or authorizing malicious apps, such as modified Salesforce Data Loader tools via OAuth flows, or compromises employee accounts through smishing and insider access to exfiltrate data.