Skip to content
Cyber Breaches
Search
Data breachResolved

Figure data breach (2026)

In February 2026, data obtained from the fintech lending platform Figure was publicly posted online. The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses and dates of birth.

Victim
Figure
records
967.2K
SectorFinance

Imported from Have I Been Pwned β€” pending editorial review and translation to French. The summary below is machine-extracted; consult the source for details.

In 2026-01-28, Figure was affected by a data breach. Approximately 967,178 accounts were exposed. In February 2026, data obtained from the fintech lending platform Figure was publicly posted online. The exposed data, dating back to January 2026, contained over 900k unique email addresses along with names, phone numbers, physical addresses and dates of birth.

Sources

  1. haveibeenpwned.comhttps://haveibeenpwned.com/PwnedWebsites#Figure
  2. figure.comhttps://figure.com

Related incidents

Data breachUnknown

23,685 records: claimed leak at ATOA

A threat actor put a database from ATOA β€” a French real-estate tokenization and fractional-investment fintech β€” up for sale on a dark web forum, exposing roughly 23,685 user and financial records plus 326 full KYC archives containing passports, ID cards and banking details.

Victim
ATOA
Records
23.7K