Figure says an employee “was socially engineered,” letting an actor download “a limited number of files” via that account.

Figure, the publicly traded blockchain lender, confirmed Friday that an employee was duped in a social‑engineering attack that allowed an intruder to download customer files — a breach that the hacking group ShinyHunters says yielded roughly 2.5 GB of data. ShinyHunters claimed Figure refused to pay a ransom and published the stolen material. TechCrunch, which first reported the incident, said it reviewed some of the files and found customer full names, home addresses, dates of birth and phone numbers. Figure told Decrypt it “recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account,” adding the company moved quickly to block the activity and hired a forensic firm to investigate which files were affected. Social engineering—where attackers trick employees via deceptive emails, calls or messages to obtain credentials or authorize access—has surged in sophistication. A January Chainalysis report estimated more than $17 billion in crypto was stolen last year through AI‑powered impersonation scams. And data breaches at large remain widespread: a December 2025 Privacy Rights Clearinghouse report logged over 8,000 notification filings tied to more than 4,000 incidents affecting at least 374 million people. While Figure’s spokesperson declined to provide further technical detail, a source quoted to TechCrunch said ShinyHunters framed the incident as part of a broader campaign hitting organizations that use Okta single‑sign‑on; other alleged victims cited in reporting include Harvard University and the University of Pennsylvania. Founded in 2018 and based in New York, Figure runs its loan platform on the Provenance blockchain and focuses on home equity lines of credit. The company went public in September 2025 under ticker FIGR, raising $787.5 million in an IPO that valued it at about $5.3 billion. The breach announcement came the same day Figure proposed a secondary offering of up to 4,230,000 shares of its Series A Blockchain Common Stock and disclosed plans to repurchase up to $30 million of Class A shares from underwriters. Figure’s stock closed up 3.57% at $35.29 on Friday, though it has fallen roughly 37% over the past month. Figure said it is notifying impacted individuals and partners, implementing additional safeguards, and offering complimentary credit monitoring to those who receive breach notices. It also stressed that it continuously monitors accounts and maintains protections intended to safeguard customer funds and accounts. For customers and crypto users, the incident underscores the growing role of human‑targeted attacks in blockchain and fintech breaches—and the importance of multi‑layered defenses around identity and access management as attackers increasingly combine social engineering with AI tools. Read more AI-generated news on: undefined/news