Figure probes customer data breach as hackers leak files, adding to rising crypto fraud and identity crime concerns.
Figure Technology, a blockchain-based lending company, has confirmed a data breach following a social engineering attack. Hackers gained access after tricking an employee and stole a limited number of files. Company representatives say outreach to affected parties is underway.
Figure Investigates Data Leak as Hackers Release Stolen Files Online
Figure spokesperson Alethea Jadick said attackers obtained “a limited number of files” after deceiving an employee. The company is contacting partners and anyone who may be affected and offering free credit monitoring to those who receive a notice.
Notably, lending records contain sensitive personal details, including names, home addresses, dates of birth, Social Security numbers, income documents, and bank details. Even a portion of this data can be enough for identity theft, financial fraud, or targeted scams. However, Figure has not yet specified which types of information may have been exposed.
Cybercrime group ShinyHunters claimed it was behind the attack and posted stolen data on its dark web site. The group said Figure refused to pay a ransom and therefore released about 2.5 gigabytes of data online. TechCrunch reviewed part of the leak, which included customer names, home addresses, dates of birth, and phone numbers.
A member of ShinyHunters said the campaign focused on companies using Okta, a service that manages login access. Reported victims also include Harvard University and the University of Pennsylvania.
ShinyHunters uses a method called “double extortion.” First, hackers break in and copy private data. Then they demand money and threaten to publish that data if they are not paid. Security researchers say attackers exploit weak passwords, third-party services, or poorly secured online storage systems.
Data Breaches Impact Millions as Financial Sector Faces Rising Threats
Financial companies are frequent targets of data theft and extortion because they store sensitive personal data. Information such as names, addresses, and ID numbers can be sold or used for fraudulent purposes.
A Chainalysis report found that criminals stole more than $17 billion in crypto last year. Many of those thefts involved scammers impersonating trusted individuals or companies. According to the report, criminals sometimes use artificial intelligence to make their messages appear authentic.
Cyberattacks remained widespread in 2025, with reports showing that large-scale data breaches continued to affect millions of people. Privacy Rights Clearinghouse reports show that regulators received more than 8,000 breach notifications.
Those filings were linked to over 4,000 separate hacking incidents. In total, at least 374 million people had some of their personal information exposed.
Moreover, Figure recently revealed plans to sell up to 4,230,000 additional shares to investors. Companies often sell shares to raise money for operations or future growth. Figure also stated it may buy back up to $30 million worth of another class of its stock from the financial firms managing the sale.
At the time of writing, Figure’s stock price rose 3.57% on Friday, closing at $35.29. Even with that daily gain, shares are still down 37% over the past month, indicating a sharp decline in value.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
German hackers arrested in Bangkok over alleged cryptocurrency extortion and 74 arrest warrants for cybercrimes
A 27-year-old German hacker, Noah Christopher, was arrested in Thailand and faces up to 74 counts of cybercrime, accused of developing ransomware and providing network attack services, involving transnational cybercrime. His visa was revoked, and he is awaiting extradition to Germany.
GateNews1h ago
Zerion Goes Dark Online – Here’s What Users Need to Know Now
Zerion took its web app offline after detecting unusual activity, urging users to avoid it while confirming mobile apps remain safe. The incident underscores the vulnerabilities of web interfaces in DeFi. More updates will follow.
LiveBTCNews1h ago
Phantom wallet crashes hard! During the airdrop period, token prices get mixed up, balances go to zero—users blast it for “making people lose money”
Phantom wallet in Solana’s ecosystem experienced a service outage during the airdrop period, causing abnormal token prices and account balances to be displayed, which affected users’ transactions. Some users suffered losses as a result and are demanding compensation. Security experts warned of phishing attack risks and advised users to verify on-chain data. Although the issue has been resolved, the trust crisis still needs to be monitored. This incident highlights the challenges self-custody wallets face in terms of system stability and user experience.
区块客3h ago
Web3 wallet Zerion detected abnormal activity on the platform; the web service is temporarily offline
Gate News message, April 11, Web3 wallet Zerion posted an announcement on the X platform saying that it detected abnormal activity on the platform, and the web app service has been temporarily taken offline. Zerion urges users to temporarily not use the web app; at the moment, the iOS and Android apps, as well as the browser extension program, are running normally and are secure, and users’ funds in the wallet are not affected. Zerion says it is actively monitoring the situation, and it will notify users separately once the web application is restored.
GateNews04-11 06:46
Phantom Wallet crashes big time! During the airdrop period, token prices went haywire and balances were reset to zero—users blasted it for “making them pay up.”
Phantom, a wallet in the Solana ecosystem, experienced a service outage during the airdrop, causing abnormal token prices and account balances to be displayed, which affected user transactions. Some users suffered losses as a result and demanded compensation. Security experts warned of the risk of phishing attacks and advised users to verify on-chain data. Although the issue has been fixed, the trust crisis still needs to be monitored. This incident highlights the challenges of self-custody wallets in terms of system stability and the user experience.
区块客04-11 05:50
TAO Plummets 25% as Bittensor Co-Founder Accused of Using Token Sales to Coerce Compliance
Bittensor's TAO token dropped 25% due to allegations of centralized control by co-founder Jacob Steeves, resulting in $650 million market cap loss and $9.1 million liquidations. The controversy raises concerns about the project's governance.
Coinpedia04-11 05:25
