Stop manual bottlenecks. Start your machine-speed defense | Join UpGuard Summit on March 3 & 5
Register now
News
Overview: Figure.com Data Breach
BlogBreachesResourcesNews
Overview: Figure.com Data Breach

Overview: Figure.com Data Breach

UpGuard Team
UpGuard Team
February 16, 2026

Key Facts: Figure Data Breach

  • Date reported: February 14, 2026.
  • Unauthorized access identified: February 2026.
  • Target entity: Figure (figure.com).
  • Source of breach: ShinyHunters (unauthorized third-party).
  • Data types: Full names, home addresses, dates of birth, and phone numbers.
  • Status: Confirmed; publicly reported following a declined ransom demand.
  • Severity: Medium; the breach involved approximately 2.5 gigabytes of sensitive customer files and social engineering.

Protect against attacks like ShinyHunters. See how UpGuard helps.

What Happened in the Figure Data Breach?

Figure (figure.com) was the target of a data leak incident publicly reported on February 14, 2026. The security breach involved the threat actor known as ShinyHunters, who claimed responsibility for the unauthorized access after the organization reportedly declined a ransom demand.

The incident was the result of a social-engineering attack that allowed the hackers to access approximately 2.5 gigabytes of data. This breach is classified as medium severity and involved the exposure of sensitive customer files including full names, home addresses, dates of birth, and phone numbers. Such incidents typically present a risk of identity fraud and targeted phishing campaigns for the affected individuals.

Who Is Behind the Incident?

ShinyHunters is a prolific cybercriminal group known for targeting high-profile organizations to steal and leak sensitive data. Active for several years, the group often utilizes social engineering and exploits in cloud environments to gain unauthorized access. They are frequently associated with extortion attempts, where they threaten to sell or publicly release stolen data on dark web forums if a ransom is not paid. ShinyHunters has claimed responsibility for numerous large-scale breaches across various sectors, demonstrating a consistent focus on acquiring large volumes of consumer information.

Impact and Risks for Figure Customers

For customers of Figure, the exposure of personal details such as names, addresses, dates of birth, and phone numbers creates several potential risks. This information can be leveraged by malicious actors for identity theft, unauthorized account access, or sophisticated phishing schemes. Hackers may use the leaked details to craft convincing messages designed to trick individuals into revealing further sensitive data or financial credentials.

Security incidents of this nature often result in long-term risks for the affected user base. Individuals should consider enabling multi-factor authentication and monitoring their credit reports for any unusual activity. Maintaining transparency and providing support services are critical steps for the organization to help mitigate these potential outcomes.

How to Protect Against Similar Security Incidents

Get instant alerts when your data appears on the dark web

Frequently Asked Questions

What happened in the Figure security breach?

ShinyHunters claimed responsibility for a security attack on Figure (figure.com) in February 2026. The incident was first reported on February 14, 2026.

When did the Figure breach occur?

The Figure breach was publicly reported on February 14, 2026. ShinyHunters referenced the incident around that time, but the attack may have occurred earlier.

What data was exposed?

The types of data involved in the Figure incident have not been disclosed. ShinyHunters has not provided evidence of specific data categories.

Is my personal information at risk?

If you interacted with Figure, there's a possibility your personal information could be affected. Similar incidents often involve email addresses, login details, or financial records. Stay alert for updates and take precautionary measures to secure your accounts.

How can I protect myself after this data breach?

  • Change your passwords and ensure they are unique
  • Enable multi-factor authentication (MFA) on all accounts
  • Monitor your financial statements for unauthorized transactions
  • Be cautious of unsolicited emails or phone calls
  • Utilize data breach monitoring services

What steps should companies take after being impacted by this breach?

Figure is expected to secure its systems, notify affected parties, and provide guidance on protective actions. Companies in this situation typically review security measures and deploy attack surface management to prevent future incidents.

How secure is Figure.com?

Figure.com is a financial technology company that provides lending and wealth management solutions for consumers and institutions. Its lending platform offers fast and flexible home equity loans, personal loans, and student loan refinancing, while its wealth management platform provides investment advice and management services to help clients achieve their financial goals.
  • Check icon
    View our free preliminary report on Figure.com’s security posture
  • Check icon
    13 risk factors, including email security, SSL, DNS health, open ports and common vulnerabilities
View Figure.com's score
View score
https://www.figure.com
Security ratings
Deliver icon

Sign up for our newsletter

UpGuard's monthly newsletter cuts through the noise and brings you what matters most: our breaking research, in-depth analysis of emerging threats, and actionable strategic insights.

Latest news

Stay up-to-date with the latest news in cybersecurity.
Promethean PAC Suffers Alleged Breach According to Dark Web Reports

Promethean PAC Suffers Alleged Breach According to Dark Web Reports

A data breach involving Promethean PAC was reported on February 15, 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 15, 2026
Dolce Vee Suffers Alleged Breach According to Dark Web Reports

Dolce Vee Suffers Alleged Breach According to Dark Web Reports

A data breach involving dolcevee.com was reported on February 15, 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 15, 2026
Grupo Hasar Suffers Alleged Breach According to Dark Web Reports

Grupo Hasar Suffers Alleged Breach According to Dark Web Reports

A data breach involving Grupo Hasar was reported on February 15, 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 15, 2026
Zenni Optical Data Breach Overview

Zenni Optical Data Breach Overview

A data breach involving Zenni Optical was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 5, 2026
Lakelands Public Health Investigating Data Breach

Lakelands Public Health Investigating Data Breach

A data breach involving Lakelands Public Health was reported on February 3, 2026. See incident details, impact on customers, and recommended security measures.
UpGuard Team
UpGuard Team
February 5, 2026
Vulnerability Overview: SolarWinds CVE-2025-40551

Vulnerability Overview: SolarWinds CVE-2025-40551

CISA flags critical SolarWinds CVE-2025-40551 flaw as exploited in attacks. Learn all of the key details.
UpGuard Team
UpGuard Team
February 5, 2026
View all news
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

Protect your organization

Get in touch or book a free demo.
Contact sales
Free demo
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating