Data breach at fintech giant Figure affects close to a million customers

A data breach at fintech Figure has impacted nearly one million customers, exposing email addresses, names, birth dates, addresses, and phone numbers. The attack was attributed to the cybercrime group ShinyHunters, who published the stolen data online, though Figure has not confirmed the extent of the breach or the specifics of the stolen information.

Key Points

• Figure experienced a data breach affecting close to a million customers.
• The breach involved the theft of email addresses, names, dates of birth, physical addresses, and phone numbers.
• Security researcher Troy Hunt identified over 967,200 unique email addresses linked to Figure customers from the leaked data.
• ShinyHunters claimed responsibility for the attack and published 2.5 gigabytes of the stolen data.
• Figure has not publicly commented on the breach or disputed Hunt's analysis of the stolen data.

Relevance

• This incident reflects the growing trend of cyberattacks, especially in the fintech sector, as digital transformation accelerates.
• In 2025, the prevalence of data breaches is expected to increase due to enhanced digitalization and reliance on cloud services.
• The rise of cybercrime groups, such as ShinyHunters, underscores the need for improved cybersecurity measures across industries.

The data breach at Figure highlights the vulnerabilities in fintech and the ongoing threat of cybercrime, necessitating stronger cybersecurity protocols and awareness to protect sensitive customer information.