Figure Technology, a blockchain-based lending company, has confirmed that there has been a data breach.
On Friday, Figure spokeswoman Alethea Jadick told TechCrunch in a statement that the breach occurred when an employee was tricked into using a social engineering attack that allowed hackers to steal a “limited number of files.”
The statement said the company is communicating “with partners and those affected” and is offering free credit monitoring “to all individuals who receive an alert.”
A spokesman for Figure did not respond to a number of specific questions about the breach.
Hacker group ShinyHunters has claimed responsibility for the hack on its official dark web leak website, saying the company refused to pay the ransom and posted 2.5 gigabytes of allegedly stolen data.
TechCrunch saw a portion of the data that included customers’ full names, home addresses, dates of birth and phone numbers.
A member of ShinyHunters told TechCrunch that Figure was among the victims of a hacking campaign that targeted customers who rely on single sign-on provider Okta. Other victims of the campaign include Harvard University and the University of Pennsylvania (UPenn).
Techcrunch event
Boston, MA
|
June 23, 2026