Figure data breach exposes nearly 1M accounts

If you have applied for a loan online, you probably shared more than you realized. Your name. Your email. Your date of birth. Maybe even your home address and phone number. Now imagine all of that sitting on a dark web forum.

That is the reality for nearly 1 million people after hackers breached Figure Technology Solutions, a blockchain-focused fintech lender.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

What happened in the Figure data breach

Figure Technology Solutions, founded in 2018, uses the Provenance blockchain for lending, borrowing and securities trading. The company says it has unlocked more than $22 billion in home equity through partnerships with banks, credit unions, fintechs and home improvement companies. However, behind the scenes, attackers were working on a very different angle.

GOOGLE DROPPED DARK WEB MONITORING: SHOULD YOU CARE?
 

Nearly 1 million accounts were exposed after hackers breached fintech lender Figure Technology Solutions in a social engineering attack. (Felix Zahn/Photothek via Getty Images)

According to breach notification data shared by Have I Been Pwned, information from 967,200 accounts was exposed. The leaked data included more than 900,000 unique email addresses along with names, phone numbers, physical addresses and dates of birth. That is a gold mine for identity thieves. Figure says the incident stemmed from a social engineering attack. What that means in simple terms is that someone inside the company was tricked into handing over access.

"We recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account," a Figure Technology Solutions spokesperson told CyberGuy in a statement. "We acted quickly to block the activity and retained a forensic firm to investigate what files were affected. We understand the importance of these matters and are communicating with partners and those impacted as appropriate. We are also implementing additional safeguards and training to further strengthen our defenses. We are offering complimentary credit monitoring to all individuals who receive a notice. We continuously monitor accounts and have strong safeguards in place to protect customers' funds and accounts."

Social engineering is the real weapon

When people hear the word blockchain, they think secure and untouchable. But attackers did not break cryptography. They targeted a human being. Groups like ShinyHunters specialize in this playbook. They reportedly claimed responsibility for the breach and, according to BleepingComputer, posted 2.5GB of data allegedly tied to thousands of loan applicants.

In recent weeks, the same group has claimed breaches involving companies like Canada Goose, Panera Bread and SoundCloud. Not every case is connected. Still, security researchers have observed a troubling pattern. Attackers impersonate IT support. They call employees. They create urgency. Then they direct victims to fake login portals that look nearly identical to real ones.

Once employees enter credentials and even multi-factor authentication codes, attackers gain access to single sign-on systems tied to major platforms like Microsoft and Google. From there, one compromised account can unlock a web of connected tools and internal systems.

PANERA BREAD DATA BREACH EXPOSES 5.1M CUSTOMERS
 

Security researchers say the Figure data leak underscores how social engineering bypasses even blockchain-based platforms. (Maxim Konankov/NurPhoto via Getty Images)

Why this matters to you

If your information was part of the Figure data breach, criminals now have enough detail to craft convincing phishing emails or phone scams. They can reference your real name. They can cite your address. They can pretend to be a lender or bank calling about your application.

Even if you never applied for a loan with Figure, this incident highlights something bigger. No platform is immune to human error. And social engineering works because it targets trust, not technology.

The bigger lesson about blockchain and trust

Figure markets itself as blockchain native. Blockchain can provide transparency and strong cryptographic security. However, none of that protects against a well-crafted phone call.

You cannot control how companies secure their systems. You can control how you respond. Start by checking whether your email address appears in the exposed dataset, then take the steps below to lock down your accounts.

SUBSTACK DATA BREACH EXPOSES EMAILS AND PHONE NUMBERS
 

Figure says an employee was tricked into granting access, allowing attackers to download sensitive customer data. (Luke MacGregor/Bloomberg via Getty Images)

Check if your email was exposed

To see if your email address was affected, visit https://haveibeenpwned.com/. Enter your email address to find out whether your information appears in the leak. When finished, return here and begin Step 1 below.

Take these steps immediately

1. Change any exposed passwords right away. Do not leave a known leaked password in place. Update it everywhere you used it. Use a password manager to create strong, unique passwords for every account. Check out the best expert-reviewed password managers of 2026 at Cyberguy.com
2. Turn on multi-factor authentication wherever possible.
3. Never share login codes with anyone, even if they claim to be IT support.
4. Install strong antivirus software to help block phishing links, malicious downloads and ransomware that often follow major breaches. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
5. Consider a data removal service to reduce your personal information on data broker sites, which scammers often combine with breached data. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
6. Place a free fraud alert or credit freeze with the major credit bureaus.
7. Monitor your bank and credit card statements weekly for suspicious activity.

Also, be cautious of unexpected calls about your accounts. If someone pressures you to act immediately, hang up and call the company directly using a number from its official website.

Kurt's key takeaways

The Figure data breach is a reminder that technology alone cannot protect sensitive information. A single employee tricked into revealing credentials can expose hundreds of thousands of people. That is not a blockchain failure. It is a trust failure. If your data was involved, take action now. Even if it was not, treat this as a wake-up call. Your personal information has value. Criminals know it. Companies should know it too.

If one phone call can unlock nearly a million records, are companies investing enough in training people, or are they still betting everything on technology alone? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.

Copyright 2026 CyberGuy.com. All rights reserved.

Related Article