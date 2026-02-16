Figure Technology breached via phishing attack, exposing customer data

ShinyHunters claimed responsibility, leaking names, addresses, DOBs, and phone numbers

Company offering identity theft protection; vishing risk heightened by GenAI and deepfake voice tools

Blockchain lending company Figure Technology has confirmed suffering a cyberattack and losing sensitive data on a yet undisclosed number of its customers.

Figure is a US-based fintech company that operates its own blockchain, where it originates and records loans (primarily home equity lines of credit), allegedly with faster funding and lower operational costs compared to traditional systems.

The company also operates marketplaces that allow financial institutions to buy and sell tokenized loans and other real-world assets.

ShinyHunters strike again

The company told TechCrunch it was breached when one of its employees fell for a phishing attack and gave attackers access to its systems. Once inside, the crooks managed to steal a “limited number of files”.

As is standard practice in these cases, Figure said it was working on addressing the issue, and that it’s now offering free identity theft and credit monitoring to affected individuals.

While Figure did not share how many people were affected, or what kind of records were taken, the publication found ShinyHunters taking responsibility. ShinyHunters is one of the most active ransomware groups these days, which doesn’t deploy an encryptor, but rather focuses on data exfiltration and demands payment in exchange for deleting the files.

The group usually posts a sample on its dark web data leak site, to prove the authenticity of its claims and pressure the victim into paying. That being said, TechCrunch claims the data includes people’s full names, postal addresses, dates of birth, and phone numbers.

It doesn’t seem that email addresses were nabbed, so phishing attacks are likely off the table. However, vishing (voice phishing) could be a real concern, and with the proliferation of Generative Artificial Intelligence (GenAI) and deepfakes, voice attacks have gotten more frequent and successful.

Citing a member of the hacking team, TechCrunch said Figure was among the companies breached via the Okta single sign-on incident.

