Figure Technology, a blockchain-based lending firm, recently suffered a data breach after attackers executed a social-engineering attack on an employee. Following this incident, the hacking group ShinyHunters published data from this breach—reportedly around 2.5 gigabytes of files—with claims that the company refused to comply with ransom demands.

Overview of the Breach

The attack allowed the hackers to access a limited set of files, according to a company spokesperson. Figure has begun notifying those affected and is providing complimentary credit-monitoring services.

Furthermore, the total scale of the breach, including user counts and detection timelines, remains undisclosed. TechCrunch was contacted for additional comments but received no response by the time of report.

ShinyHunters publishes stolen data. Source: Dominic Alvieri

Contents of the Leaked Data

Reports indicate that the leaked data contains sensitive information such as full names, home addresses, birth dates, and phone numbers—details that pose risks for identity theft and phishing scams. In a related note, phishing attacks linked to crypto wallet drainers have seen a significant reduction in 2025, evidencing a drop in total losses to approximately $83.85 million.

Company Profile

Figure Technology went public last September, entering the Nasdaq Stock Exchange with an IPO set at $25 per share, generating substantial proceeds of approximately $787.5 million and estimating a valuation ranging between $5.3 billion and $7.6 billion. Six months ago, it introduced the On-Chain Public Equity Network (OPEN), a platform constructed on its Provenance blockchain facilitating direct share transactions between individuals without traditional intermediaries.