A
On Friday, Figure Technologies shared that one of its employees fell for a social engineering trick. This let hackers access some customer files. The group called ShinyHunters took credit for the attack. They said Figure did not pay the ransom, so they leaked 2.5 gigabytes of data.
Reports show the stolen files had sensitive info like full names, home addresses, dates of birth, and phone numbers. This kind of leak can lead to identity theft and scams.
“We recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account,” Figure said in a statement.
The company acted fast. They stopped the bad activity and hired experts to check what was taken.
Social engineering is when bad guys fool people into giving away access. They use fake emails, calls, or messages to trick workers. In this case, the attacker got login details or approved fake requests.
This is a big problem in tech and crypto. A report from Chainalysis noted that over $17 billion in crypto was stolen last year from AI-powered scams that mimic real people. These attacks are getting smarter.
Companies train staff, but one slip can cause huge damage.
ShinyHunters is a known hacking group. They target big companies. In this breach, they hit Figure as part of a larger attack on users of Okta, a login service. Other targets included Harvard University and the University of Pennsylvania.
ShinyHunters often demands money to not leak data. Figure refused, so the info went public. This shows how hackers now go after service providers to hit many victims at once.
Figure started in 2018 in New York. They use the Provenance blockchain for their loan platform. They focus on home equity lines of credit (HELOCs). This makes loans faster and more secure with blockchain tech.
In September 2025, Figure went public as FIGR. Their IPO raised $787.5 million and valued the company at $5.3 billion. They blend traditional finance with blockchain.
But now, this
Breaches are everywhere. In 2025, over 8,000 reports hit regulators. These came from more than 4,000 incidents. At least 374 million people were affected, per Privacy Rights Clearinghouse.
In crypto and blockchain, stakes are higher. Stolen data can lead to wallet hacks or fake loans. Figure’s case highlights risks even for public firms using advanced tech.
| Year | Incidents | People Affected |
|---|---|---|
| 2025 | 4,000+ | 374M+ |
| Prior Years | Increasing | Billions Total |
Figure is taking steps. They are telling partners and affected people. New safety measures are coming.
“We are offering complimentary credit monitoring to all individuals who receive a notice,” the company said. “We continuously monitor accounts and have strong safeguards in place to protect customers’ funds and accounts.”
This helps ease worries. Free credit checks let people watch for fraud. But trust takes time to rebuild.
Despite the news, FIGR stock rose 3.57% to $35.29 that day. But it dropped 37% in the last month. Markets seem to shrug off the breach for now.
Interestingly, Figure announced a secondary offering on the same day. They plan to sell up to 4.23 million shares of Series A Blockchain Common Stock. They also aim to buy back up to $30 million in Class A shares. This shows business as usual.
This
For users, freeze credit and watch accounts. In blockchain lending, verify platforms have top security.
Figure will face checks from regulators. Laws require quick breach reports. Investors watch how they fix issues.
Blockchain promises secure finance, but human errors hurt. Firms must mix tech with people training. As hacks grow, only the strong will last.
This breach reminds us: No system is perfect. Stay alert in crypto.
The
Follow for more on crypto security and finance news.
Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity
Did you like the news you just read? Please leave a feedback to help us serve you better
Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.
The post Figure Technologies Data Breach: ShinyHunters Exposes Customer Info at Public Blockchain Lender appeared first on Blockmanity.
Also read: ETH Open Interest Drops to 3-Year Low: What It Means for Ether Price
