Figure Technology, a publicly traded blockchain lender, confirmed on Friday that it suffered a customer data breach after an employee was targeted in a social engineering attack. The company stated that the incident allowed an unauthorized actor to download a limited number of files through the compromised employee account.
The hacking group ShinyHunters claimed responsibility for the breach, alleging that Figure refused to pay a ransom. The group subsequently published approximately 2.5 gigabytes of stolen data. TechCrunch, which first reported the breach, reviewed some of the files and confirmed they contained sensitive customer information, including full names, home addresses, dates of birth, and phone numbers.
In a statement shared with Decrypt, Figure said it acted quickly to block the activity and has retained a forensic firm to investigate the scope of the incident. "We recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account," the company stated. Figure is offering complimentary credit monitoring to all affected individuals and emphasized that it has strong safeguards in place to protect customer funds and accounts.
The breach highlights the ongoing threat of social engineering, where attackers manipulate individuals to gain access to corporate systems. A January report by Chainalysis noted that over $17 billion in cryptocurrency was stolen last year through AI-powered impersonation scams. Data breaches remained widespread in 2025, with regulators logging more than 8,000 notification filings tied to over 4,000 separate incidents affecting at least 374 million people, according to a December 2025 report by the Privacy Rights Clearinghouse.
An anonymous member of ShinyHunters reportedly told TechCrunch that the Figure breach was part of a broader campaign targeting companies that rely on the single sign-on provider Okta, with other alleged victims including Harvard University and the University of Pennsylvania.
Founded in 2018, Figure is a New York–based lender that operates its loan platform on the Provenance blockchain, focusing on home equity lines of credit. The company went public in September 2025 under the ticker FIGR, raising $787.5 million in an IPO that valued it at approximately $5.3 billion. Coinciding with the breach disclosure, Figure announced the launch of a proposed secondary public offering of up to 4,230,000 shares of its Series A Blockchain Common Stock, with plans to repurchase up to $30 million of Class A shares from underwriters. Figure's stock finished the day up 3.57% at $35.29, though it has fallen 37% over the last month.
