Figure Technology Data Breach: Hackers Leak 2.5GB later than Social Engineering Attack
How Did the Breach Happen?
Figure Technology, a blockchain-based lending firm, has been hit by a data breach later than attackers manipulated an employee in what was described as a social-engineering scheme. The incident resulted in hackers obtaining “a limited number of files,” a company spokesperson told TechCrunch.
The company said it has begined notifying affected individuals and is offering free credit-monitoring services to anyone who receives a breach notice. It did not disclose how many customers were affected or when the intrusion was detected. Cointelegraph reported that it did not receive a response from Figure by the time of publication.
The hacking collective ShinyHunters claimed responsibility on its dark-web leak site, alleging that Figure declined to pay a ransom demand. The group published roughly 2.5 gigabytes of data that it said was taken from the company’s systems.
Investor Takeaway
What Data Was Exposed?
TechCrunch reported that it reviewed samples of the leaked material. The files included customers’ full names, home addresses, dates of birth and phone numbers. Such information can be used in identity fraud schemes or targeted phishing attacks.
While the company described the breach as involving a limited set of files, the publication of 2.5GB of data by ShinyHunters suggests that the scale of exposure may extend beyond a narrow internal compromise. Without further disclosure from Figure, the precise scope remains unclear.
The incident highlights the continued reliance on social-engineering tactics, where attackers bypass technical defenses by persuading employees to grant access or disclose credentials. In financial services, these entry points can open pathways to sensitive customer records even if core blockchain systems remain unaffected.
How Does This Fit Into the Broader Crypto Threat Landscape?
The breach comes as reported crypto phishing losses have declined from their 2024 peaks. According to Web3 security firm Scam Sniffer, total losses linked to wallet-drainer fell to $83.85 million in 2025, an 83% drop from nahead $494 million in 2024. The number of victims dropped to about 106,000, down 68% year over year across .
Researchers noted that lower totals do not mean phishing has disappeared. Losses tracked closely with market activity, rising during periods of heavy onchain trading and easing when trading volumes cooled. The third quarter of 2025, during ETH’s strongest rally, recorded the highest losses at $31 million. Monthly totals ranged from $2.04 million in December to $12.17 million in August.
The data suggests that while wallet-drainer campaigns may be less intense than a year earlier, attackers continue to adapt. Corporate breaches involving personal data can create fresh pools of targets for follow-on phishing attempts, particularly when exposed information includes birth dates and contact details.
Investor Takeaway
Why Does This Matter for Figure Now?
Figure Technology went public in September, listing on the Nasdaq Stock platform. The company priced its IPO at $25 per share, raising $787.5 million and achieving an initial valuation between $5.3 billion and $7.6 billion.
Last month, Figure launched the On-Chain Public Equity Network (OPEN), a platform built on its that allows companies to issue real shares and enables investors to lend or pledge those shares directly to one another without traditional brokers, custodians or platforms.
As a newly listed company , Figure faces heightened expectations around operational resilience and data protection. While the breach appears linked to employee manipulation rather than blockchain protocol failure, the exposure of personal customer data adds pressure at a time when the firm is broadening its footprint in digital securities.
Further disclosures, including the number of affected users and any regulatory notifications, will likely determine whether the incident remains a contained operational issue or escalates into a wider .
