Byte Federal Data Breach Exposes Personal Information of 58,000 Bitcoin ATM Users

Hackers exploited a GitLab vulnerability to access sensitive customer data, including Social Security numbers and government IDs, in a breach reported by the U.S.-based Bitcoin ATM operator.

• Byte Federal, operating 1,200 Bitcoin ATMs across 42 U.S. states, disclosed a breach affecting 58,000 customers after hackers exploited a GitLab software vulnerability.
• The breach occurred on September 30, 2024, but was only detected on November 18, prompting the company to shut down its platform and enhance security measures.
• Exposed data includes full names, birthdates, addresses, phone numbers, email addresses, government-issued IDs, Social Security numbers, transaction activity, and user photographs.
• Byte Federal emphasized that no user funds or digital assets were compromised and stated there is currently no evidence of the stolen data being misused.
• Customers are advised to reset their passwords, monitor financial accounts, and consider freezing their credit to mitigate risks of identity theft or fraud.

3 Articles

BleepingComputer Gizmodo TechCrunch