Last updated:
Ad Disclosure
We believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.
Byte Federal, a leading Bitcoin ATM operator in the U.S., has confirmed a major breach that exposed the sensitive data of 58,000 customers. The company operates over 1,200 Bitcoin ATMs across the U.S., offering customers an accessible way to trade cryptocurrencies.
Bitcoin ATM Operator Confirms Security Vulnerability Impacting Thousands
In a report to Maine’s attorney general, Byte Federal revealed that the incident compromised personal information such as names, addresses, phone numbers, government-issued IDs, Social Security numbers, customer accounts, and transaction activity. The attack occurred on September 30 but remained undetected until November 18. Byte Federal operates over 1,000 Bitcoin ATMs in the US.
Investigators traced the breach to a third-party software. Byte Federal stated that the attackers exploited a bug in GitLab, a widely used developer platform.
Upon discovering the breach, Byte Federal implemented several steps to protect its users. The company executed a hard reset on all customer accounts and updated internal passwords. These measures aim to safeguard data and prevent further unauthorized access.
In a November blog post, Byte Federal confirmed that the GitLab vulnerability had been addressed. The company stated, “Our priority is to ensure the security of our customers’ information and the integrity of our services.”
The Larger Implications for Crypto Security
This security incident has sparked renewed discussions about the security of cryptocurrency platforms. Cyberattacks on crypto services continue to rise, targeting both assets and personal information.
The breach at Byte Federal is part of a wider trend of rising cyber threats in the crypto world. Adding to this troubling pattern, the recent attack on Giggle Academy, founded by former Binance CEO Changpeng Zhao, exposed another pattern where hackers posted fake claims and phishing links on the platform’s X account.
These issues demonstrate how scammers increasingly target crypto users, as evidenced by the theft of over $753 million in the third quarter (Q3) of 2024. phishing-related losses in 2024. The attacks are growing more sophisticated, making it even more important for companies to strengthen their security architecture and processes to fend them off.