Blockchain Lending Platform Figure Hit By Data Breach – Details

bitcoinistPubblicato 2026-02-16Pubblicato ultima volta 2026-02-16

Introduzione

Figure Technology, a blockchain lending platform, suffered a data breach after an employee fell victim to a social engineering attack. The breach resulted in the theft of approximately 2.5GB of customer data, including full names, home addresses, dates of birth, and phone numbers. The hacker group ShinyHunters claimed responsibility and publicly released the data after alleged failed ransom negotiations. The company confirmed that its core blockchain systems and financial services remained secure, emphasizing the incident was due to human error, not a technical flaw. Figure is offering free credit monitoring to affected customers and has launched an internal review. The exact number of impacted individuals has not been disclosed.

Figure Technology confirmed that some customer files were stolen after an employee was tricked, according to reports. The company says the intrusion happened when an internal account was used to download a limited batch of records. The breach did not stem from a flaw in its blockchain system, but from human error.

Reports say the stolen material was later posted online by a hacker collective that claimed responsibility. The group is said to have released about 2.5GB of data after alleging that ransom talks broke down. That public dump quickly drew attention across the crypto and fintech space.

Customer Names, Contact Details Among Items Exposed

Based on reports that reviewed samples of the leaked files, the exposed data includes full names, home addresses, dates of birth, and phone numbers. These are the kinds of details often used in identity fraud or targeted scams.

The exact number of affected customers has not been shared publicly. That missing figure leaves uncertainty about how large the fallout could be.

Security researchers warn that even when bank accounts or crypto wallets are untouched, personal data alone can create serious risk. Phishing calls, fake loan offers, and account takeover attempts often follow this type of leak.

Total crypto market cap at $2.34 trillion on the daily chart: TradingView

Figure Hit By Social Engineering Attack

According to coverage of the incident, attackers used a social engineering method to gain access to an employee’s credentials or active session. Instead of breaking through code, they relied on deception. Once inside, files were downloaded through that employee’s access rights.

The company said it detected suspicious activity and moved to block it. Outside forensic specialists were brought in to review system logs and determine what was accessed. A broader internal review is also under way.

Image: CybersecAsia

ShinyHunters claimed responsibility for the breach on its leak site. The group has been linked to prior data exposures involving tech and finance firms. In this case, the data was made public after payment demands were reportedly rejected.

Figure said it will notify customers whose information was involved. Free credit monitoring services are being offered to those who receive formal notice. Impacted individuals are being advised to watch for unusual activity and unsolicited messages.

Funds And Core Services Secure

Reports note that lending operations and on-chain systems were not breached. The platform’s core financial infrastructure was not described as affected. Still, the exposure of personal records carries its own weight.

Financial companies remain frequent targets because they hold detailed customer files. A single employee account, if misused, can open a door wider than expected. That lesson has surfaced again here.

Regulators may seek further details in the coming weeks. Customers will be waiting for clearer numbers. The long-term cost, both financial and reputational, will depend on how widely the data spreads and how quickly protective steps are taken.

Featured image from Yahoo Finance, chart from TradingView

Domande pertinenti

QWhat was the cause of the data breach at Figure Technology?

AThe data breach was caused by human error, specifically a social engineering attack where an employee was tricked, leading to the misuse of an internal account to download customer records.

QWhat type of customer data was exposed in the Figure breach?

AThe exposed data includes full names, home addresses, dates of birth, and phone numbers of customers.

QWhich hacker group claimed responsibility for the data breach?

AThe hacker collective ShinyHunters claimed responsibility for the breach and later posted the stolen data online.

QWere Figure's core financial systems or blockchain infrastructure compromised in the attack?

ANo, the company confirmed that its lending operations, on-chain systems, and core financial infrastructure were not breached in the attack.

QWhat steps is Figure taking to help affected customers?

AFigure is notifying affected customers, offering free credit monitoring services, and advising them to watch for unusual activity and unsolicited messages.

Letture associate

Little Pepe (LILPEPE) vs Bonk—Cross-Chain Meme Coin Battle Heats up as Demand Surges

The meme coin competition is shifting from community hype to technological and ecosystem advantages. This analysis contrasts Bonk, an established token on the Solana network known for its speed and low costs, with the newer Little Pepe ($LILPEPE), currently in its presale phase. Bonk leverages its mature community and Solana's infrastructure, while Little Pepe differentiates itself with a Layer 2 Ethereum solution promising tax-free trading, staking rewards, and enhanced scalability. To drive engagement, Little Pepe is offering substantial giveaways totaling $777,000. Both coins, despite their different strategies—Bonk as a proven ecosystem and Little Pepe as an early-stage utility project—are capturing significant market attention as demand surges.

TheNewsCrypto26 min fa

Little Pepe (LILPEPE) vs Bonk—Cross-Chain Meme Coin Battle Heats up as Demand Surges

TheNewsCrypto26 min fa

Crypto Crime Hit Hard: $700 Million Frozen By DOJ Strike Force

A US law enforcement task force has frozen over $700 million in cryptocurrency linked to investment scams targeting Americans. The operation, which involved cooperation from crypto exchanges and legal processes, also took down more than 500 fraudulent websites and a Telegram channel used to recruit victims. Two Chinese nationals were named in arrest warrants for operating a scam compound in Burma. In a related move, the US State Department announced a $10 million reward for information disrupting scam centers in Burma. Singaporean authorities, alongside major crypto exchanges and analytics firms, also prevented nearly $3 million in losses through a parallel operation. The scale of cybercrime remains vast, with the FBI reporting over $20 billion in losses in 2025.

bitcoinist1 h fa

Crypto Crime Hit Hard: $700 Million Frozen By DOJ Strike Force

bitcoinist1 h fa

Toncoin Fees To Drop 6x As Network Moves Toward Feeless Transactions

Telegram founder Pavel Durov announced that the Toncoin (TON) network will reduce transaction fees by six times in one week, lowering the cost to just 0.00039 TON (approximately $0.0005). This fee reduction is part of the "Make TON Great Again" (MTONGA) roadmap and will remain fixed regardless of network congestion. The update follows a recent upgrade that made the network 10 times faster and transactions nearly instant. Durov also hinted that future steps aim to make most transactions fully feeless. Although Telegram discontinued formal involvement with TON due to regulatory issues, Durov remains a strong supporter. Currently, Toncoin is trading around $1.30, down over 8% in the past week.

bitcoinist1 h fa

Toncoin Fees To Drop 6x As Network Moves Toward Feeless Transactions

bitcoinist1 h fa

a16z: AI's 'Amnesia', Can Continuous Learning Cure It?

The article "a16z: AI's 'Amnesia' – Can Continual Learning Cure It?" explores the limitations of current large language models (LLMs), which, like the protagonist in the film *Memento*, are trapped in a perpetual present—unable to form new memories after training. While methods like in-context learning (ICL), retrieval-augmented generation (RAG), and external scaffolding (e.g., chat history, prompts) provide temporary solutions, they fail to enable true internalization of new knowledge. The authors argue that compression—the core of learning during training—is halted at deployment, preventing models from generalizing, discovering novel solutions (e.g., mathematical proofs), or handling adversarial scenarios. The piece introduces *continual learning* as a critical research direction to address this, categorizing approaches into three paths: 1. **Context**: Scaling external memory via longer context windows, multi-agent systems, and smarter retrieval. 2. **Modules**: Using pluggable adapters or external memory layers for specialization without full retraining. 3. **Weights**: Enabling parameter updates through sparse training, test-time training, meta-learning, distillation, and reinforcement learning from feedback. Challenges include catastrophic forgetting, safety risks, and auditability, but overcoming these could unlock models that learn iteratively from experience. The conclusion emphasizes that while context-based methods are effective, true breakthroughs require models to compress new information into weights post-deployment, moving from mere retrieval to genuine learning.

marsbit2 h fa

a16z: AI's 'Amnesia', Can Continuous Learning Cure It?

marsbit2 h fa

Can a Hair Dryer Earn $34,000? Deciphering the Reflexivity Paradox in Prediction Markets

An individual manipulated a weather sensor at Paris Charles de Gaulle Airport with a portable heat source, causing a Polymarket weather market to settle at 22°C and earning $34,000. This incident highlights a fundamental issue in prediction markets: when a market aims to reflect reality, it also incentivizes participants to influence that reality. Prediction markets operate on two layers: platform rules (what outcome counts as a win) and data sources (what actually happened). While most focus on rules, the real vulnerability lies in the data source. If reality is recorded through a specific source, influencing that source directly affects market settlement. The article categorizes markets by their vulnerability: 1. **Single-point physical data sources** (e.g., weather stations): Easily manipulated through physical interference. 2. **Insider information markets** (e.g., MrBeast video details): Insiders like team members use non-public information to trade. Kalshi fined a剪辑师 $20,000 for insider trading. 3. **Actor-manipulated markets** (e.g., Andrew Tate’s tweet counts): The subject of the market can control the outcome. Evidence suggests Tate’sociated accounts coordinated to profit. 4. **Individual-action markets** (e.g., WNBA disruptions): A single person can execute an event to profit from their pre-placed bets. Kalshi and Polymarket handle these issues differently. Kalshi enforces strict KYC, publicly penalizes insider trading, and reports to regulators. Polymarket, with its anonymous wallet-based system, has historically been more permissive, arguing that insider information improves market accuracy. However, it cooperated with authorities in the "Van Dyke case," where a user traded on classified government information. The core paradox is reflexivity: prediction markets are designed to discover truth, but their financial incentives can distort reality. The more valuable a prediction becomes, the more likely participants are to influence the event itself. The market ceases to be a mirror of reality and instead shapes it.

marsbit3 h fa

Can a Hair Dryer Earn $34,000? Deciphering the Reflexivity Paradox in Prediction Markets

marsbit3 h fa

Trading

Spot

Futures