Image source Pexels.com
Byte Federal, one of the largest Bitcoin ATM operators in the U.S., has disclosed a data breach that exposed the personal information of 58,000 customers. The compromised data includes sensitive details such as names, addresses, phone numbers, government-issued IDs, Social Security numbers, transaction histories, and user photographs. The breach occurred on September 30, 2023, but Byte Federal did not discover it until November 18, 2023. The Florida-based company, which operates over 1,200 Bitcoin ATMs across the U.S., said the breach was caused by hackers exploiting a vulnerability in third-party software, specifically the popular GitLab developer platform. This allowed the attackers to access Byte Federal’s network and customer data. In response, the company immediately performed a hard reset on all customer accounts, updated internal security measures, and changed passwords to prevent further damage. Byte Federal has since notified affected customers and is working with cybersecurity experts to investigate the incident and bolster security moving forward.
While Byte Federal has faced growing competition from other Bitcoin ATM providers, its extensive network and reputation for reliability have helped it remain a key player in the market. However, the recent data breach highlights the vulnerabilities that even well-established companies face as they continue to expand in the digital economy. The breach has raised questions about the security of cryptocurrency-related services and has prompted increased scrutiny on the ways in which personal data is protected, especially when third-party software is involved.