Byte Federal, a prominent bitcoin ATM provider in the United States, has announced a significant data breach affecting the personal and transaction information of 58,000 customers. Byte Federal operates over 1,200 Bitcoin ATMs nationwide, providing users with an accessible way to engage in cryptocurrency trading.
In a report to the Maine Attorney General, Byte Federal confirmed that sensitive customer information was compromised, including names, addresses, phone numbers, government-issued IDs, social security numbers, account information and transaction records. The breach occurred on 30 September 2024, but was not identified until 18 November 2024.
Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breachhttps://t.co/ZXA8hLjuWb pic.twitter.com/ty8V4UW7cc
— John Marcellus (@safespace4space) December 12, 2024
The incident was attributed to a vulnerability in third-party software. Hackers exploited a vulnerability in GitLab, a popular platform used by developers, to gain unauthorised access.
Response measures
Upon discovery, Byte Federal took immediate action to mitigate risk and protect customer information:
- Reset all customer accounts.
- Updated internal passwords.
- Fixing the GitLab vulnerability.
In a statement, the company assured customers that it had addressed the issue and emphasised its commitment to protecting user data. Byte Federal said: “Our priority is to ensure the security of our customers’ information and the integrity of our services.
Broader implications for cryptocurrency security
The Byte Federal breach highlights growing concerns about cybersecurity in the cryptocurrency sector. Cyberattacks targeting both digital assets and user data have become more frequent, with hackers using increasingly sophisticated methods.
Recent incidents, such as the attack on Giggle Academy – a crypto-focused platform founded by former Binance CEO Changpeng Zhao – highlight the evolving threat landscape. Hackers stole $753 million in cryptocurrency-related crimes worldwide in the third quarter of 2024 alone.
To combat these threats, experts recommend that organisations
Perform regular system updates and audits.
Implement robust threat detection and monitoring systems
Encourage users to enable two-factor authentication and remain vigilant for suspicious activity.
Global efforts to improve crypto security
As the adoption of cryptocurrencies continues to grow, so does the urgency to strengthen security protocols. Some countries, such as Nigeria, have introduced strict penalties for crypto-related fraud, including fines of up to $12,000 or 10-year prison sentences. These measures aim to deter fraud and restore trust in the digital currency ecosystem.
This breach serves as a wake-up call for the industry to prioritise security and ensure user confidence in the evolving cryptocurrency landscape.
