Figure Technologies Data Breach: 1 Million Accounts Exposed by ShinyHunters
Figure Technology Solutions Data Breach Exposes Nearly 1 Million Accounts
A recent data breach at Figure Technology Solutions, a fintech firm built on blockchain infrastructure, has exposed the personal and contact information of nearly one million accounts. The breach, attributed to a social engineering attack, resulted in the theft of data including names, phone numbers, physical addresses, and dates of birth.
About Figure Technology Solutions
Figure Technology Solutions, founded in 2018, positions itself as a financial services platform that utilizes the Provenance blockchain to power lending, borrowing, and securities trading. The company claims to have unlocked over $22 billion in home equity and works with over 250 partners, including banks, credit unions, and fintech companies.
The Breach
The breach was claimed by the extortion group ShinyHunters, which added Figure to its dark web leak site. ShinyHunters alleged that it had stolen 2.5 gigabytes of data from thousands of loan applicants. This incident is part of a pattern of intrusions attributed to ShinyHunters, which has also claimed breaches at several other high-profile organizations, including Canada Goose, Panera Bread, and SoundCloud.
Attack Method
The attack on Figure Technology Solutions was carried out through social engineering, with an employee being tricked into providing access to the company’s systems. This method of attack has become increasingly common in large-scale corporate breaches, often involving the compromise of internal access credentials through deception.
Breach Details
The breach notification service Have I Been Pwned reported that data from 967,200 accounts had been exposed, including over 900,000 unique addresses. The exposed records, dating back to January 2026, contained sensitive information such as names, phone numbers, physical addresses, and dates of birth.
ShinyHunters’ Tactics
ShinyHunters’ tactics have been linked to a broader campaign involving voice phishing, or “vishing,” attacks targeting single sign-on accounts at major organizations. In these schemes, attackers impersonate IT support personnel and persuade employees to enter credentials and multi-factor authentication codes into fraudulent login portals. Once access to a victim’s single sign-on account is obtained, attackers can move laterally across connected enterprise applications.
Conclusion
The breach at Figure Technology Solutions serves as a reminder that even companies built on emerging financial technologies remain exposed to traditional vulnerabilities, including the trust placed in human intermediaries. As cybercrime tactics continue to shift towards manipulation of individuals within organizations, companies must remain vigilant in protecting their systems and educating employees on the risks of social engineering attacks.
According to the breach notification service Have I Been Pwned, data from 967,200 accounts had been exposed, including over 900,000 unique addresses.
About Author
English