Figure Technology, a blockchain-based lending fintech firm listed on the Nasdaq, confirmed that it suffered a significant data breach after attackers successfully used a social engineering tactic to compromise an employee’s account, allowing unauthorized access to internal files. The breach, for which the cybercriminal group ShinyHunters claimed responsibility, resulted in roughly 2.5 gigabytes of data being exfiltrated and published on the dark web following a refused ransom demand. Stolen information reportedly includes sensitive customer details such as full names, home addresses, dates of birth, and phone numbers, prompting the company to notify affected individuals and offer free credit monitoring services. Security analysts and reports indicate that this incident reflects broader and growing cyber threats targeting fintech and financial services, emphasizing persistent vulnerabilities in digital infrastructure and the ongoing need for robust cybersecurity measures.
Sources
https://techcrunch.com/2026/02/13/fintech-lending-giant-figure-confirms-data-breach/
https://finance.yahoo.com/news/fintech-lending-giant-figure-confirms-210246338.html
https://www.kucoin.com/news/flash/figure-technology-confirms-data-breach-via-social-engineering-attack
Key Takeaways
• A social engineering attack on an employee account at Figure Technology enabled hackers to steal and leak sensitive customer data, including names, addresses, dates of birth, and phone numbers.
• The cybercriminal group ShinyHunters claimed responsibility, stating that Figure refused to pay a ransom before the data was published on the dark web.
• In response to the breach, Figure Technology is notifying affected customers and offering complimentary credit monitoring as cybersecurity threats targeting financial companies rise.
In-Depth
Figure Technology’s recent data breach underlines a harsh reality for the financial services industry — even advanced fintech firms that champion blockchain and digital lending solutions can fall victim to relatively low-tech but highly effective social engineering attacks. According to official confirmations, attackers gained entry by manipulating an employee’s credentials, which led to unauthorized access to restricted company systems. Once inside, the attackers were able to extract an estimated 2.5 gigabytes of sensitive data, including personally identifiable information such as customer names, home addresses, dates of birth, and phone numbers. This kind of data, while not directly financial account credentials or passwords, can still facilitate identity theft, phishing attacks, or other forms of fraud against individuals whose information was compromised.
The hacking collective known as ShinyHunters quickly took responsibility for the breach. The group claimed on dark-web platforms that it had initially sought a ransom from Figure, a demand that was reportedly rejected by the firm — a decision that ultimately resulted in the leak of the stolen data. ShinyHunters has a documented history of targeting prominent entities and releasing stolen information when extortion attempts are rebuffed, signaling the group’s continued presence as a major threat actor in global cybersecurity incidents.
Figure responded to the incident by notifying customers believed to have been impacted and offering free credit monitoring services, a common remediation tactic intended to help individuals detect potential misuse of their identities or credit profiles. The breach serves as a stark reminder that cybersecurity is not solely about defending networks and software; it is equally about fortifying the human element, as social engineering remains a leading pathway for attackers. In an era where financial services continue to migrate to digital platforms, the cost of complacency can be immense — reflected not just in financial penalties, remediation costs, and market trust erosion, but in the very real risk posed to customer privacy and personal security. As the industry digests this incident, broader conversations about risk management, enhanced employee training, and investment in stronger defensive protocols are likely to intensify, particularly as cybercriminals increasingly exploit human vulnerabilities as entry points into otherwise fortified systems. Given the volume of data at stake and the sensitive nature of financial customer information, regulators and stakeholders alike will be closely watching how Figure and similar firms evolve their security postures in the wake of this breach.

