US Bitcoin ATM Giant Byte Federal Suffers Data Breach, Exposing Nearly 60,000 Users

Byte Federal revealed that a data breach compromised the personal information of approximately 58,000 customers. The firm is one of the largest Bitcoin ATM operators in the US.

The Florida-based company operates over 1,200 Bitcoin ATMs nationwide. Through them, users can buy and sell cryptocurrencies at their convenience.

Byte Federal Reveals Data Breach

In a filing with Maine’s attorney general, Byte Federal disclosed that the breach occurred on September 30. However, it was not identified until November 18. Hackers exploited vulnerabilities in third-party software, specifically the widely used developer platform GitLab, to access the company’s network.

Byte Federal stated that compromised data includes sensitive customer details, including names, addresses, phone numbers, and government-issued IDs. Additional leaked data include social security numbers, transaction histories, and even user photographs.

Upon discovering the breach, Byte Federal took swift action by performing a hard reset on all customer accounts and updating its internal passwords. The company expressed regret over the incident and assured customers that it is working to enhance its cybersecurity measures.

However, the breach has raised concerns about the security of personal data within the cryptocurrency ecosystem, particularly for services reliant on third-party software.

In a November blog post, Byte Federal acknowledged the use of GitLab in its operations and confirmed that the vulnerability exploited by the attackers has since been addressed.

“Protecting our users remains our top priority, and we are taking every possible step to ensure the security of our platform,” the company stated.

The breach is part of a growing trend of cyber-attacks targeting cryptocurrency platforms and infrastructure. Recently, a hacker bypassed Coinbase’s anti-money laundering (AML) detection system, stealing $15.9 million from the platform.

Investigators discovered that the attacker exploited a loophole in Coinbase Commerce, highlighting vulnerabilities even in highly regulated environments. These incidents mirror the importance of strong cybersecurity protocols across the crypto industry as hackers continually adapt to exploit weaknesses.

Meanwhile, the firm advised customers affected by the breach to monitor their financial accounts and credit reports for unusual activity. The company has not disclosed whether it will offer identity theft protection services to affected users, a measure often taken following such incidents.