Byte Federal, a prominent Bitcoin ATM operator in the United States, has disclosed a significant data breach that compromised the personal information of approximately 58,000 customers. The breach occurred on September 30, 2024, but was only discovered by the company on November 18, 2024. Hackers gained access to the company’s network by exploiting a vulnerability in third-party software, specifically within the GitLab developer platform. Byte Federal, which operates over 1,200 Bitcoin ATMs across the U.S., is now working to address the impact of this incident.
The compromised data includes sensitive information such as names, addresses, phone numbers, Social Security numbers, government-issued IDs, transaction activity, and user photographs. This breach has raised concerns about the privacy and security of users who rely on Bitcoin ATMs for cryptocurrency transactions. The company has assured its customers that it is taking immediate action to mitigate any further risks and protect its users’ data.
In response to the breach, Byte Federal has reset all customer accounts and updated internal passwords. The company is also working with security experts to assess the full scope of the breach and strengthen its cybersecurity measures moving forward. While the breach was traced back to an issue within GitLab’s platform, Byte Federal has emphasized that it is cooperating with the relevant authorities to ensure a thorough investigation.
The breach is a reminder of the increasing cybersecurity risks faced by organizations, particularly those involved in financial services and cryptocurrency. As Bitcoin ATMs continue to grow in popularity, ensuring robust security measures will be critical in safeguarding both users and operators. Byte Federal has pledged to cover the costs of incident response through its cybersecurity insurance policy and is committed to restoring customer trust.
Reference:
