Figure Technology: Fintech lending giant Figure confirms data breach

Figure Technology Hit by Data Breach After Social Engineering Attack

Blockchain-based lending firm Figure Technology confirmed a data breach stemming from a social engineering attack that tricked an employee into exposing sensitive files. The incident, disclosed on Friday, was attributed to the hacking group ShinyHunters, which later published 2.5 GB of stolen data on its dark web leak site after Figure refused to pay a ransom.

The compromised data, reviewed in part by TechCrunch, included customers’ full names, home addresses, dates of birth, and phone numbers. Figure stated it is notifying affected individuals and partners while offering free credit monitoring to those impacted. The company did not respond to further inquiries about the breach’s scope or timeline.

ShinyHunters claimed Figure was one of multiple victims in a campaign targeting organizations using Okta’s single sign-on (SSO) service, alongside Harvard University and the University of Pennsylvania (UPenn). The group’s involvement underscores a broader trend of cybercriminals exploiting third-party authentication vulnerabilities to access sensitive systems.

Source: https://techcrunch.com/2026/02/13/fintech-lending-giant-figure-confirms-data-breach/

Figure Technology TPRM report: https://www.rankiteo.com/company/figuretechnologies

"id": "fig1771021682",
"linkid": "figuretechnologies",
"type": "Breach",
"date": "2/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 'Yes',
                        'industry': 'Blockchain-based lending',
                        'name': 'Figure Technology',
                        'type': 'Company'},
                       {'industry': 'Education',
                        'name': 'Harvard University',
                        'type': 'Educational Institution'},
                       {'industry': 'Education',
                        'name': 'University of Pennsylvania (UPenn)',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Social Engineering',
 'customer_advisories': 'Notifying affected individuals and partners, offering '
                        'free credit monitoring',
 'data_breach': {'data_exfiltration': 'Yes',
                 'personally_identifiable_information': ['Full names',
                                                         'Home addresses',
                                                         'Dates of birth',
                                                         'Phone numbers'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2023-10-27',
 'description': 'Blockchain-based lending firm Figure Technology confirmed a '
                'data breach stemming from a social engineering attack that '
                'tricked an employee into exposing sensitive files. The '
                'incident was attributed to the hacking group ShinyHunters, '
                'which later published 2.5 GB of stolen data on its dark web '
                'leak site after Figure refused to pay a ransom.',
 'impact': {'brand_reputation_impact': 'Likely impacted',
            'data_compromised': '2.5 GB of stolen data',
            'identity_theft_risk': 'High'},
 'initial_access_broker': {'data_sold_on_dark_web': 'Yes',
                           'entry_point': 'Okta SSO service'},
 'motivation': 'Financial gain (ransom), data exfiltration',
 'post_incident_analysis': {'root_causes': 'Social engineering attack, '
                                           'third-party authentication '
                                           'vulnerability'},
 'ransomware': {'data_exfiltration': 'Yes',
                'ransom_demanded': 'Yes',
                'ransom_paid': 'No'},
 'references': [{'source': 'TechCrunch'}],
 'response': {'communication_strategy': 'Notifying affected individuals and '
                                        'partners, offering free credit '
                                        'monitoring'},
 'threat_actor': 'ShinyHunters',
 'title': 'Figure Technology Data Breach After Social Engineering Attack',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Third-party authentication (Okta SSO)'}