Byte Federal, one of the biggest Bitcoin ATM operators in the United States, suffered a major data breach that potentially affected 58,000 customers.
On Dec. 12, Florida-based Byte Federal submitted a filing with Maine’s attorney general, reporting a security breach resulting in unauthorized access to its clients’ personal data.
Byte Federal said it had discovered the attack on Nov. 18, more than 30 days after it occurred on Sept. 30, with a bad actor exploiting a vulnerability in software provided by a third party.
After detecting the incident, the Bitcoin ATM operator immediately shut down its platform and assured customers that no user assets or funds had been compromised.
58,000 customers had their personal data potentially exposed
In the filing, Byte Federal said that the bad actor attempted to gain unauthorized access to the personal information of as many as 58,000 customers, including 111 Maine residents.
The potentially exposed data included names, dates of birth, addresses, phone numbers, email addresses, government-issued IDs, social security numbers, transaction activity and photographs of users.
Byte Federal’s data breach information. Source: Maine.gov
Byte Federal said it has no evidence that any of its customers’ personal information was actually compromised or misused in any manner. It added:
“Nonetheless, we are taking precautionary measures to ensure the security of your data and to help alleviate any concerns you may have.”
Byte Federal urges clients to reset login credentials
Following the breach, Byte Federal performed a hard reset on all customer accounts, sending a notice of the incident.
The platform also updated its internal passwords, password management system, tokens and keys to prevent any further unauthorized access.
“With the assistance of an independent cybersecurity team, we are conducting a forensic investigation to determine the cause and the scope of the incident,” Byte Federal said, adding that a legal investigation is ongoing.
Related: Australia to crack down on crypto ATM providers, citing money laundering risk
The ATM firm also urged customers to reset their login credentials and said they may be asked to verify their personal data and confirm their identities for their protection.
Byte Federal operates 4.3% of Bitcoin ATMs in the US
Byte Federal operates 1,356 Bitcoin ATMs in the US, accounting for 4.3% of all crypto ATMs in the country, according to data from CoinATMRadar.
The largest share of US-located Bitcoin ATMs is held by Bitcoin Depot, which has at least 8,100 crypto exchange machines.
Top crypto ATM operators in the US. Source: CoinATMRadar
A Bitcoin ATM is one of the most straightforward methods to exchange fiat currencies like the US dollar for BTC and vice versa without using a centralized exchange.
In September, the US Federal Trade Commission issued a warning on Bitcoin ATMs, alerting that BTC ATM-related scam incidents had surged 1,000% since 2020.
Magazine: BTC hits $100K, Trump taps Paul Atkins for SEC chair, and more: Hodler’s Digest, Dec. 1 – 7