Bitcoin ATM Operator Hacked, 58,000 Users’ Personal Data Compromised


Byte Federal, one of the largest Bitcoin ATM operators in the United States, has reported a significant data breach affecting approximately 58,000 customers.

In a recent security incident, Byte Federal, a prominent provider of financial services, disclosed that it experienced a significant data breach on November 18, 2024.

Unauthorized access was gained to one of its servers through a vulnerability in GitLab, a third-party software platform widely used by developers for project management and collaboration.

The breach was detected promptly by Byte Federal’s security team, who acted immediately to shut down the platform, isolate the intruder, and secure the compromised server.

As a precaution, the company implemented a hard reset of all customer accounts and updated internal security measures, including passwords, management systems, tokens, and keys.

2024 MITRE ATT&CK Evaluation Results for SMEs & MSPs -> Download Free Guide

An independent cybersecurity team has been engaged to conduct a comprehensive forensic investigation to ascertain the breach’s full scope and cause.

Byte Federal is also cooperating with law enforcement to address the incident. Importantly, the company assured its users that no funds or assets were compromised during the breach.

According to an SEC filing, the data targeted in the breach included a range of customer personal information such as names, birthdates, addresses, phone numbers, email addresses, government-issued IDs, social security numbers, transaction activities, and photographs.

While there is currently no evidence that any personal information was compromised or misused, Byte Federal is taking extensive measures to protect user data and address any potential concerns.

Byte Federal has set up a dedicated helpline for affected customers and is offering support through its customer service team. They recommend users reset their login credentials and remain vigilant for any signs of fraud or identity theft.

The company urges users to regularly monitor their account statements and credit reports for suspicious activity and provides guidance on placing fraud alerts, or security freezes with major credit reporting agencies.

Paul Tarantino, CEO of Byte Federal, expressed the company’s commitment to safeguarding personal data and apologized for the inconvenience caused by the breach. “We take our responsibilities to protect your personal data very seriously,” Tarantino stated. “We are deeply troubled by this situation and are doing everything in our power to address it.”

Investigate Real-World Malicious Links, Malware & Phishing Attacks With ANY.RUN – Try for Free



Source link