Nearly 1M fintech lender Figure accounts exposed

If you’ve applied for a loan online, you’ve probably shared more than you thought. Your name. Your email. Your date of birth. Maybe even your home address and phone number. Now imagine all this on a dark web forum.

That’s the reality for nearly a million people after hackers breached Figure Technology Solutions, a blockchain-focused fintech lender.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.

What happened in the Figure data breach?

Figure Technology Solutions, founded in 2018, uses the Provenance blockchain for lending, borrowing and securities trading. The company claims to have unlocked more than $22 billion in home equity through partnerships with banks, credit unions, fintechs and home improvement companies. However, behind the scenes, the attackers were operating from a very different angle.

DARK WEB MONITORING ABANDONED BY GOOGLE: SHOULD YOU BE CONCERNED?

Nearly a million accounts have been exposed after hackers breached fintech lender Figure Technology Solutions in a social engineering attack. (Félix Zahn/Photothek via Getty Images)

According to breach notification data shared by Have I Been Pwned, information from 967,200 accounts was exposed. The leaked data included more than 900,000 unique email addresses as well as names, phone numbers, physical addresses and dates of birth. It’s a gold mine for identity thieves. Figure indicates that the incident stems from a social engineering attack. In simple terms, this means that someone within the company was tricked into giving up access.

“We recently identified that an employee had been the victim of social engineering, allowing an actor to upload a limited number of files through their account,” a Figure Technology Solutions spokesperson told CyberGuy in a statement. “We acted quickly to block the activity and retained a forensic firm to investigate the affected cases. We understand the importance of these matters and are communicating with partners and affected individuals as appropriate. We are also implementing additional safeguards and training to further strengthen our defenses. We offer free credit monitoring to everyone who receives a notice. We continually monitor accounts and have strong safeguards in place to protect funds and assets. customer accounts.

Social engineering is the real weapon

When people hear the word blockchain, they think secure and untouchable. But the attackers didn’t break the cryptography. They targeted a human being. Groups like ShinyHunters specialize in this playbook. They allegedly claimed responsibility for the breach and, according to BleepingComputer, released 2.5 GB of data allegedly linked to thousands of loan applicants.

In recent weeks, the same group has claimed violations involving companies like Canada Goose, Panera Bread And SoundCloud. Not all cases are linked. Yet security researchers have observed a troubling trend. The attackers pretend to be IT support. They call the employees. They create urgency. Then, they direct victims to fake login portals that look almost identical to the real ones.

Once employees enter their credentials and even multi-factor authentication codes, attackers gain access to single sign-on systems tied to major platforms like Microsoft and Google. From there, a compromised account can unlock a network of connected tools and internal systems.

PANERA BREAD DATA BREACH EXPOSES 5.1M CUSTOMERS

Security researchers say the Figure data leak highlights how social engineering circumvents even blockchain-based platforms. (Maxim Konankov/NurPhoto via Getty Images)

Why is it important to you

If your information was part of the Figure data breach, criminals now have enough details to create convincing phishing emails or phone scams. They may refer to your real name. They can quote your address. They may pose as a lender or bank calling you about your application.

Even if you’ve never applied for a loan with Figure, this incident highlights something more important. No platform is immune to human error. And social engineering works because it targets trust, not technology.

The biggest lesson about blockchain and trust

Figure presents itself as blockchain native. Blockchain can provide transparency and strong cryptographic security. However, none of this protects against a well-crafted phone call.

Security breaches often occur at the human level. This is where attackers focus their energy. As more financial services move online, the attack surface increases. Loan applications, identity verification tools, and cloud-based systems create convenience. They also create new targets.

How to protect yourself after the data breach Figure

You can’t control how companies secure their systems. You can control how you react. Start by checking if your email address appears in the exposed dataset, then follow the steps below to lock your accounts.

SUBSTACK DATA BREACH EXPOSES EMAILS AND PHONE NUMBERS

Figure indicates that an employee was tricked into granting access, allowing attackers to download sensitive customer data. (Luke MacGregor/Bloomberg via Getty Images)

Check if your email has been exposed

To see if your email address has been affected, visit https://haveibeenpwned.com/. Enter your email address to find out if your information appears in the leak. Once finished, come back here and start step 1 below.

Take these steps immediately

1. Change all exposed passwords immediately. Do not leave a known leaked password in place. Update it wherever you used it. Use a password manager to create strong, unique passwords for each account. Discover the Best Expert-Rated Password Managers of 2026 at Cyberguy.com
2. To light up multi-factor authentication wherever possible.
3. Never share login codes with anyone, even if they claim to be IT support.
4. Install powerful antivirus software to help block phishing links, malicious downloads, and ransomware that often follow major breaches. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android, and iOS devices at Cyberguy.com.
5. Consider a Data Deletion Service to reduce your personal information on data broker sites, which fraudsters often combine with stolen data. Check out my top picks for data deletion services and get a free scan to find out if your personal information is already available on the web by visiting Cyberguy.com.
6. Place a free fraud alert or credit freeze with major credit bureaus.
7. Monitor your bank and credit card statements weekly for suspicious activity.

Also be wary of unexpected calls regarding your accounts. If someone pressures you to act immediately, hang up and call the company directly using a number from its official website.

Kurt’s Key Takeaways

The Figure data breach is a reminder that technology alone cannot protect sensitive information. A single employee tricked into revealing their credentials can expose hundreds of thousands of people. This is not a failure of blockchain. It’s a failure of trust. If your data was involved, act now. Even if it wasn’t, consider it a wake-up call. Your personal information is valuable. The criminals know this. Businesses should know this too.

If a single phone call can unlock nearly a million records, are companies investing enough in staff training, or are they still relying everything on technology alone? Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive offers straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM bulletin.

Copyright 2026 CyberGuy.com. All rights reserved.

Related article