Overview
- Bitcoin Depot disclosed Wednesday in an SEC filing that attackers used stolen settlement‑account credentials on March 23 to transfer about 50.903 BTC from company wallets.
- After detecting the breach, the company launched its incident response, brought in outside cybersecurity firms, and notified law enforcement, with the investigation still in progress.
- The firm said the intrusion stayed inside its corporate environment and did not touch customer platforms, systems, or data.
- On April 6 the company labeled the event material, booked a preliminary $3.665 million loss, and cautioned its cyber insurance might not cover the full hit.
- BTM shares rose 15.6% to $2.74 Wednesday after the disclosure, and the operator’s need to hold bitcoin to settle ATM transactions makes large networks like its 25,000‑plus locations attractive targets.