Key Highlights
- Figure Technologies confirmed a data breach on February 13, after a social engineering attack compromised an employee’s account
- This allowed hacking group ShinyHunters to steal and publish 2.5 gigabytes of customer data containing names, addresses, and dates of birth
- Figure allegedly refused to pay a ransom demand, and the hacking group subsequently published 2.5 gigabytes (GB) of stolen data
On February 13, blockchain-based lending firm Figure Technologies confirmed a data breach after facing a social engineering attack that compromised an employee’s account.
🚨BREAKING: Blockchain lending firm @Figure confirms data breach after an employee fell victim to a social engineering attack, allowing hackers to access a limited number of internal files, according to TechCrunch.
ShinyHunters claims responsibility, publishing 2.5GB of… pic.twitter.com/JM1GKRdAwh
— SolanaFloor (@SolanaFloor) February 13, 2026
The incident shows the vulnerabilities in the platform as attackers are targeting the employees instead of codes.
Hackers Publish Stolen User Data after Figure Refuses Ransom Demand
The incident was confirmed by Alethea Jadick in an interview with a leading magazine. He affirmed that the breach originated when an employee fell victim to a social engineering scheme, which allowed hackers to access and download “a limited number of internal files.”
The hacking group ShinyHunters claims responsibility on its dark web leak site. The group allegedly stated that Figure refused to pay a ransom demand and subsequently published 2.5 gigabytes (GB) of stolen data.
Experts have verified the portion of the leaked data that contained sensitive customer information. This includes full names, home addresses, dates of birth, and phone numbers. A ShinyHunters member stated that Figure was among several victims of a recent campaign targeting organizations using Okta sign-on services. Other victims reportedly include Harvard University and the University of Pennsylvania.
Figure revealed that it is informing all affected users and decided to offer free credit monitoring to all who receive notices.
Crypto Sectors Face Data Breach
The Figure becomes a victim of recent crypto-related attacks early in 2026. According to blockchain security firm CertiK, January saw approximately $370.3 million in losses across 40 crypto hacks and scams. This is the highest monthly figure in the last 11 months and around 4 times more than in January 2025.
Phishing and social engineering dominated these attacks, which accounted for over $311.3 million of the total. A single and major $284 million phishing incident happened on January 16, where investors were tricked into revealing hardware wallet recovery seeds. This represents 71% of monthly losses.
This shows a change from traditional smart contracts exploits towards operational attacks targeting human vulnerabilities.
Other major incidents included a $28.9 million hack of Solana-based Step Finance, a $26.4 million exploit of the Truebit protocol due to a smart contract bug, and a $13.3 million attack on liquidity provider SwapNet.
In 2025, hackers totaled approximately $2.87 billion across nearly 150 incidents, with infrastructure compromises like private key theft. This has frequently been enabled by social engineering, which accounts for 76% of losses.
State-linked actors, particularly North Korea, have developed sophisticated tactics. Google’s Mandiant researchers recently documented campaigns using AI-generated deepfake videos during fake Zoom calls to deploy malware against crypto executives.
Also Read: U.S. Treasury Chief Calls for Spring Approval of Crypto Clarity Act
