BleepingComputer reports that U.S. blockchain-based fintech firm Figure Technology Solutions was noted by data breach notification service Have I Been Pwned to have had data from 967,200 accounts exfiltrated following a ShinyHunters social engineering attack against an employee that was initially reported by the company to have only affected a "limited number of files.""The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses, and dates of birth," said Have I Been Pwned. Such a development comes after ShinyHunters exposed 2.5 GB of data purportedly belonging to loan applicants, along with its listing for Figure Technology Solutions.Multiple organizations have already been compromised by ShinyHunters as part of a voice phishing campaign aimed at Okta, Google, and Microsoft single sign-on accounts, including CrowdStrike, Betterment, SoundCloud, and leading online dating service operator Match Group, which owns Tinder, Hinge, OkCupid, and Meetic.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds