Byte Federal, a leading Bitcoin ATM operator in the U.S., has confirmed that the personal data of 58,000 customers was compromised. This breach, which was discovered in mid-November, has raised serious concerns over the safety of user information stored by cryptocurrency service providers.
Hackers Accessed Sensitive User Data
Byte Federal revealed that hackers gained unauthorized access to sensitive personal data, including names, addresses, phone numbers, Social Security numbers, government-issued IDs, transaction histories, and even user photographs. The breach, which occurred on September 30, remained undetected for over six weeks, leading to a delayed public disclosure.
Exploitation of Third-Party Software Vulnerability
The Florida-based company traced the source of the breach to a vulnerability in a third-party software system. According to Byte Federal’s statement, the flaw was located in GitLab, a popular developer platform. The breach highlights the growing risks associated with third-party software used by companies to run their operations. As hackers continue to exploit vulnerabilities in such platforms, users are becoming increasingly vulnerable to data theft and identity fraud.
Byte Federal’s Response to the Breach
Upon discovering the breach, Byte Federal acted swiftly to mitigate the damage. The company immediately reset all affected customer accounts, ensuring that users’ personal information is better protected. Additionally, Byte Federal updated its internal security protocols and changed its passwords to prevent further unauthorized access.
Ongoing Investigation and User Awareness
Byte Federal has reported the breach to the Maine attorney general and is cooperating with authorities to investigate the incident. The company has urged affected users to remain vigilant, monitor their accounts for any suspicious activity, and take precautions to safeguard their personal information.
For further details on the breach and its impact, please refer to the full report on TechCrunch.
