Figure Technology Solutions: 2.5GB Data Breach Exposes PII of 40k

On Feb. 13, 2026, Figure Technology Solutions, a San Francisco-based fintech company known for its blockchain-powered lending services, confirmed it experienced a data breach after hackers stole files containing sensitive customer information.

The breach was first disclosed after the hacking group ShinyHunters published 2.5 gigabytes of allegedly stolen data on a dark web leak site, claiming responsibility for the attack. According to a statement from Figure’s spokesperson, the incident began when an employee was targeted by a social engineering attack, which allowed unauthorized access to a limited number of files.

The threat actor ShinyHunters claimed Figure refused to pay a ransom, leading to the public release of the stolen information.

The incident was first reported on Feb. 13, 2026, by TechCrunch. The journalists reviewed a sample of the leaked data and reported that it included personally identifiable information (PII) such as customers’ full names, home addresses, dates of birth and phone numbers.

Starting on Feb. 23, 2026, the incident was disclosed to the California Attorney General, Indiana Attorney General, Massachusetts Office of Consumer Affairs and Business Regulation and the Texas Attorney General. According to the official disclosure, the breach has additionally exposed Social Security numbers and financial information (e.g. account number, credit or debit card number, loan information).

The incident has affected 39,866 individuals, including 323 residents of Texas, 204 of Indiana, and 146 of Massachusetts.

Figure Technology Solutions' response

In the wake of the breach, Figure stated that it is communicating directly with partners and those affected.

The company is offering free credit monitoring services to all individuals who receive a notification regarding the incident. While Figure has not disclosed the total number of people affected, their response is focused on mitigating risks of identity theft and fraud stemming from the exposure of PII.

Given the nature of the breach, individuals who have received a notice should take the following steps:

• Enroll in the free credit monitoring service provided by Figure
• Monitor financial accounts and credit reports for suspicious activity
• Be cautious of unsolicited communications that reference the breach or request further personal information
• Consider placing a fraud alert or credit freeze with major credit bureaus

It is important for affected individuals to remain vigilant, as the publication of PII on the dark web can increase the risk of phishing attempts and identity theft.