Buckle up, tech fans, because what was once touted as “unbreakable” has just been proven a total joke. Nearly one million accounts at Figure Technology Solutions, a blockchain-focused fintech lender, have been exposed in a massive data breach, and it wasn’t a fancy cryptographic hack. It was all thanks to a simple social engineering trick that targeted a human, not the tech.
According to Fox News, the breach exposed 967,200 accounts, leaking unique email addresses, names, phone numbers, physical addresses, and even dates of birth. For anyone who’s applied for a loan online, this is the kind of information that identity thieves look for. It’s a gold mine for crafting convincing phishing emails or phone scams.
Figure Technology Solutions, founded in 2018, prides itself on using the Provenance blockchain for things like lending, borrowing, and securities trading. They’ve even helped unlock over $22 billion in home equity through various partnerships. You’d think a company so deeply invested in blockchain technology would be ironclad, but that’s where the human element came in.
A treasure trove of personal data is now potentially floating around
The company itself confirmed that the incident stemmed from a social engineering attack. Simply put, someone inside the company was tricked. A Figure spokesperson explained, “We recently identified that an employee was socially engineered, and that allowed an actor to download a limited number of files through their account.” This means the attackers didn’t try to break the blockchain’s cryptography; they went straight for the weakest link: a person.
Groups like ShinyHunters, who have reportedly claimed responsibility for this breach, are masters of this playbook. They allegedly posted 2.5GB of private data related to thousands of loan applicants. These attackers often impersonate IT support, creating a sense of urgency and directing employees to fake login portals that look almost identical to the real ones.
Once an employee enters their credentials, and even multi-factor authentication codes, the attackers gain access to single sign-on systems tied to major platforms like Microsoft and Google. From there, one compromised account can unlock a whole network of connected tools and internal systems. It’s like getting handed the keys to the kingdom without ever having to pick a lock.
Figure Technology Solutions acted quickly to block the activity once it was identified. They’ve also brought in a forensic firm to investigate exactly what files were affected and are communicating with partners and those impacted. They’re offering complimentary credit monitoring to everyone who receives a notice, and they are implementing additional safeguards and training to strengthen their defenses.
Published: Mar 3, 2026 07:00 pm