In brief
- Figure confirmed a data breach, saying that an employee was tricked in a social engineering attack.
- Stolen files allegedly include names, addresses, dates of birth, and phone numbers, per a report.
- The publicly traded lender says it is offering free credit monitoring to affected individuals.
Figure Technology confirmed Friday that it suffered a customer data breach after an employee was targeted in a social engineering attack.
The hacking group ShinyHunters claimed responsibility, saying Figure refused to pay a ransom and that it published 2.5 gigabytes of stolen data. TechCrunch, which first reported on the breach, said that it reviewed some of the files, which included customers’ full names, home addresses, dates of birth, and phone numbers.
“We recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account,” Figure said in a statement shared with Decrypt. “We acted quickly to block the activity and retained a forensic firm to investigate what files were affected.”
Social engineering refers to when attackers manipulate employees through deceptive emails, calls, or messages to gain access to corporate systems, often by tricking them into sharing credentials or approving unauthorized requests.
A January report by Chainalysis said that over $17 billion in crypto was stolen last year through AI-powered impersonation scams.
Data breaches remained widespread in 2025, with regulators logging more than 8,000 notification filings tied to over 4,000 separate incidents affecting at least 374 million people, according to a December 2025 report by the Privacy Rights Clearinghouse.
Founded in 2018, Figure is a New York–based lender that runs its loan platform on the Provenance blockchain, focusing on home equity lines of credit. Figure went public in September 2025 under the ticker FIGR, raising $787.5 million in an IPO that valued it at about $5.3 billion.
While the spokesperson declined to go into further detail, a member of ShinyHunters reportedly told TechCrunch the breach was part of a broader campaign targeting companies that rely on single sign-on provider Okta. Other alleged victims included Harvard University and the University of Pennsylvania.
Figure said it is communicating with partners and impacted parties, as well as implementing additional safeguards.
“We are offering complimentary credit monitoring to all individuals who receive a notice,” the company said. “We continuously monitor accounts and have strong safeguards in place to protect customers’ funds and accounts.”
The news of the data breach comes as Figure announced Friday the launch of a proposed secondary public offering of up to 4,230,000 shares of its Series A Blockchain Common Stock, with plans to repurchase up to $30 million of Class A shares from underwriters.
Figure’s stock finished the day up 3.57% at a price of $35.29, though it has fallen 37% over the last month.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Fenbushi Co-Founder Offers Bounty to Recover $42M Crypto Hack
Fenbushi Capital co-founder Bo Shen has initiated a bounty program to recover $42 million stolen in a 2022 hack, offering 10-20% rewards for contributions to recovery. Recent advances in blockchain analysis have improved investigative capabilities, with some funds already frozen.
GateNews12m ago
ZachXBT questions the use of religion to promote cryptocurrency presales.
Gate News reports that on March 26, on-chain investigator ZachXBT questioned a KOL's comment about "Christian-related tokens." ZachXBT stated, "I'm curious whether, in 2026, using religious hype to promote a certain cryptocurrency presale (which is actually just a flashy paid group service) will still be a viable strategy."
GateNews54m ago
Move Up to 2029! Google Sets Post-Quantum Cryptography Migration Deadline, Bitcoin Encryption Technology Faces Incoming Risks
Google announced 2029 as the deadline for post-quantum cryptography transition, alerting the industry to security threats posed by quantum computers; Bitcoin and Ethereum and other cryptocurrencies need to accelerate adoption of new technologies to resist potential attacks. Experts believe there is no need for excessive panic, emphasizing that quantum risks are exaggerated, and quantum-resistant blockchain technologies with protective measures are gradually improving.
CryptoCity3h ago
When even I cannot prove that I'm not an AI, forensic experts recommend: set up a secret code with family and friends.
BBC reporter Thomas Germain's experiment shows that AI deepfake technology is now difficult to distinguish, with digital forensics expert Hany Farid claiming it's "finished." Even when experts verify a video's authenticity, people may still doubt it. As AI fraud cases surge, especially in crypto markets, the cost of verifying authenticity is high, while creating doubt has become low-cost. Ultimately, the recommendation is to return to old methods: using cryptographic signatures to enhance trust.
動區BlockTempo4h ago
Distributed Shenbo: Set Bounty to Recover Approximately $42 Million Stolen Three Years Ago
Shen Bo, founder of Distributed Capital, had his personal wallet compromised in November 2022, resulting in losses of approximately $42 million. After three years of tracking, the team has obtained key leads and is publicly soliciting information from those who can provide clues, offering rewards of 10%-20% based on contributions. Approximately $1.2 million in assets has been frozen so far, and the team has expressed gratitude to individuals and teams who have continuously provided assistance.
BlockBeatNews5h ago
Distributed Capital Founder Bo Shen: Lost $42 Million from Personal Wallet Theft in 2022, Now Offering 10%-20% Bounty for Information
Distributed Capital founder Bo Shen recently publicly solicited leads regarding the theft of his personal wallet and established a bounty mechanism. His wallet was compromised in November 2022, resulting in losses of approximately $42 million. The bounty program is open to all individuals and institutions, with reward ratios of 10%-20% of recovered funds.
GateNews5h ago
