Hackers Breach Data of 58,000 Bitcoin ATM Users

Hackers have accessed the personal data of 58,000 users of Byte Federal’s bitcoin ATMs, reports TechCrunch, citing documents filed by the firm with the Maine Attorney General’s office.

The compromised data includes names, addresses, phone numbers, government IDs, social security numbers, transaction details, and user photographs.

The breach occurred on September 18. Byte Federal’s team discovered the issue on November 18. According to them, an unnamed hacker gained access to the company’s servers through a vulnerability in the GitLab platform.

Upon identifying the attack, developers shut down the platform and isolated the affected parts of the system. They also updated all access credentials and hired an independent firm to investigate the incident. Customer funds were not affected.

According to Byte Federal’s website, the company operates over 1,200 devices across the United States.

In March 2023, another crypto ATM provider, General Bytes, was attacked, resulting in unauthorized access to personal data and customer funds.

In January 2024, researchers identified and helped fix several vulnerabilities in ATMs by Lamassu Industries.

By June 2024, the number of crypto ATMs worldwide reached 38,278 units, nearing the December 2022 record of 39,541 devices.