Figure Technology Solutions (fintech lending company) disclosed in February 2026 that ShinyHunters conducted a vishing (voice phishing) attack against an employee in January 2026, obtaining credentials and MFA codes to access ‘a limited number of files.’ ShinyHunters claimed credit on its dark web leak site after Figure declined to pay ransom, publishing 2.5 GB of stolen data containing records for approximately 967,200 accounts (900k+ unique email addresses). Exposed data included names, phone numbers, physical addresses, and dates of birth. No financial account details, Social Security numbers, loan information, or customer funds were accessed. Have I Been Pwned indexed the breach.