Fintech Lender Figure Technology Reports Data Breach Claimed by ShinyHunters
Learn More
Figure Technology, a blockchain-based fintech lending firm, confirmed a data breach resulting from a social engineering attack. The incident was reported on February 13, 2026, following statements from company officials and claims by the ShinyHunters threat group.
The breach started when an employee fell for a social engineering scam, allowing the threat actors to gain unauthorized access to the corporate network.
ShinyHunters members stated that Figure was a victim of a campaign targeting organizations that use the Okta single sign-on (SSO) provider. The compromised allegedly data includes:
- Full names
- Home addresses
- Dates of birth
- Phone numbers
The number of affected individuals is not disclosed.
The ShinyHunters group claims to have stolen 2.5 gigabytes of data and published the files on their leak site after Figure reportedly refused to pay a ransom.
The company characterized the breach as involving a "limited number of files" but the leaked samples contain sensitive personally identifiable information (PII).
Figure is notifying partners and impacted individuals and offering free credit monitoring services to those affected. External security researchers have noted that the leaked data appears authentic based on initial samples.
Update - as of 18th of February 2026, Have I Been Pwned is reporting that data of 967,200 accounts was stolen in the attack.
"In February 2026, data obtained from the fintech lending platform Figure was publicly posted online. The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses and dates of birth."
