Partner
Woods Lonergan PLLC is a nationally recognized complex commercial and civil litigation firm that represents clients in select data breach class actions nationwide. Our data breach lawyers are currently investigating a significant data breach involving Figure Technology Solutions, Inc. (NASDAQ: FIGR).
Our data breach lawyers have a proven record of holding national corporations, educational institutions, and technology vendors accountable when failures in cybersecurity expose the sensitive personal, financial, and educational information of consumers and businesses.
Figure Technology Solutions, Inc., a blockchain-native fintech leader headquartered in New York, has reportedly confirmed a security incident that may have exposed the sensitive personal and financial data of nearly one million individuals, including homeowners, investors, and clients of auxiliary lending partners.
_________________________________________________________________________________________
If you suspect your data was exposed, Call Our Data Breach Lawyers 24/7 at (332) 378-0376 or email loganlowe@woodslaw.com for a free and confidential consultation.
We take no fees unless you win.
_________________________________________________________________________________________
The Figure Technology Data Breach: Quick Loan Approval vs. Data Security
On February 14, 2026, reports from TechCrunch and BleepingComputer revealed that Figure Technology Solutions fell victim to a sophisticated “vishing” (voice phishing) attack.
Figure is unique in the lending industry for its “5-minute approval” process, which uses the Provenance Blockchain to automate income verification and property valuation, often funding loans in as little as five days.
However, our investigation is examining whether this focus on frictionless speed came at the expense of robust internal security. The breach reportedly occurred when an employee was deceived by attackers—allegedly linked to the cybercriminal group ShinyHunters—into providing credentials that allowed unauthorized access to internal systems via Okta. While the automation on the front end allowed for rapid lending, a single failure in the “Human Firewall” on the back end may have exposed the personal identities of 967,200 unique users.
Investigation: Who Is Impacted by the Figure Lending Data Breach and What Personal Data Was Stolen?
The “blast radius” of this breach extends beyond direct customers to include:
- Direct Home Equity Line of Credit, (HELOC) Borrowers: Over 250,000 households using Figure’s “paperless” lending platform.
- Auxiliary & Private-Label Clients: Figure’s technology supports over 240 partners, including Guaranteed Rate, CrossCountry Mortgage, and Fairway Independent Mortgage. If your loan was processed through Figure’s software, your data may be at risk.
- Investment & Crypto Users: Holders of the $YLDS stablecoin and users of the Figure Exchange.
The records allegedly exposed in Figure Technology breach include:
- Full names and physical home addresses
- Dates of Birth (confirmed for nearly 1 million entries)
- Email addresses and phone numbers
Figure Technology Data Breach FAQs
Who is Figure Technology Solutions (NASDAQ: FIGR)?
Figure is a financial technology company that uses blockchain to automate loan origination. They are the largest non-bank provider of HELOCs in the U.S. and provide the backend “plumbing” for hundreds of mortgage lenders.
What types of loans does Figure provide?
- Home Equity Lines of Credit (HELOC): Famous for their 100% online application and 5-minute approval.
- Crypto-Backed Loans: Loans using BTC, ETH, and SOL as collateral.
- Investment Products: The SEC-registered $YLDS stablecoin and the Democratized Prime marketplace.
How do I check if my data was leaked on “Have I Been Pwned”?
- Visit HaveIBeenPwned.com.
- Enter the email address you used for your loan application or Figure account.
- If the results show “Figure,” your data (including your DOB and address) was part of the January/February 2026 leak.
How do I know if my Figure HELOC data was stolen?
You can check if your email was involved in the January/February 2026 leak by visiting HaveIBeenPwned.com. Because Figure’s “Provenance Blockchain” technology is integrated with over 240 auxiliary lending partners, you may be at risk even if you did not apply for a loan directly through Figure’s website.
Why is my Date of Birth (DOB) being leaked a major concern?
A birth date is a “static” identifier. Unlike a credit card, you cannot change your DOB. Hackers use this along with your home address to bypass security questions at banks, redirect mail, or open fraudulent accounts in your name.
Was the Provenance Blockchain itself hacked?
No. Current reports indicate the breach targeted the “Human Firewall” (employees) rather than the blockchain code. The hackers allegedly used “vishing” to trick an employee into giving up access to internal administration tools.
How do I join the Figure Technology data breach class action?
If your sensitive personal or financial information was compromised in the Figure Technology security incident, you may be eligible to join a class action lawsuit. To start the process, contact our data breach lawyers for a free case evaluation. We will review your “Have I Been Pwned” status or your notification letter from Figure (NASDAQ: FIGR) to determine your eligibility for financial compensation.
What can a Figure Technology data breach lawyer do for me?
A specialized data breach lawyer holds corporations accountable for failures in cybersecurity. Our legal team investigates whether Figure Technology Solutions, Inc. or its auxiliary partners (such as Guaranteed Rate or CrossCountry Mortgage) failed to implement reasonable security measures to protect borrower data. We work to recover damages for identity theft risks, financial losses, and the loss of privacy.
Are there fees for a Figure Technology legal consultation?
No. At Woods Lonergan PLLC, we provide 100% free and confidential consultations for all data breach victims. We operate on a contingency fee basis, which means we take no fees unless we win your case. You will never pay out-of-pocket for us to investigate your claim against Figure Technology.
About Woods Lonergan PLLC
Woods Lonergan PLLC is a nationally recognized law firm specializing in complex civil litigation, including class action, data privacy, and cybersecurity matters. We have a proven track record of successfully holding corporations accountable for data breaches and protecting the rights of consumers and businesses.
Our firm is currently representing plaintiffs in open litigation for numerous significant data breaches in 2025, including cases involving Powerschool, Ahold Delhaize, Aflac Insurance, Allianz Insurance, Johnson Controls, Community Health Center, Columbia University, DISA Global Solutions, SoundCloud and New Haven Health.
Notably, in 2025, Woods Lonergan settled the 23andMe Data Breach Lawsuit for $30 million in the Northern District of California, reached an $18 million settlement in the Yale New Haven Health data breach, and secured a multi-million dollar settlement in the Sunflower Medical Group data breach case in the U.S. District Court for the District of Kansas.
Contact Our Data Privacy Team
If you suspect your data may be exposed, do not wait for the damage to spread.
Call Our Data Breach Lawyers 24/7 at (332) 378-0376 or email loganlowe@woodslaw.com for a free and confidential consultation.
We take no fees, unless you win.
Media Sources and Investigative Reports:
- TechCrunch: Fintech lending giant Figure confirms data breach
- BleepingComputer: Data breach at fintech firm Figure affects nearly 1 million accounts
- SecurityWeek: Nearly 1 Million User Records Compromised in Figure Data Breach