Byte Federal, one of the largest Bitcoin ATM operators in the US, has reported a major data breach affecting 58,000 customers. The incident occurred on November 18, 2024, when an attacker exploited a vulnerability in the third-party project management platform GitLab to gain unauthorized access to one of Byte Federal’s servers.
The company’s security team immediately detected the intrusion, quarantined the server and blocked the platform. In response, Byte Federal completely reset user accounts and strengthened its internal security systems, including passwords, tokens and keys.
According to an SEC report, data that was stolen included names, dates of birth, addresses, phone numbers, email addresses, government IDs, government IDs, social security numbers, transaction history and even photos . The company recommends changing credentials, monitoring financial transactions, and implementing safeguards on credit reports.
Byte Federal is known for providing the infrastructure for cryptocurrency transactions through its Bitcoin ATM network. Previous incidents have shown that such data leaks can seriously affect a company’s reputation and increase the risk of fraud for customers, and the incident with Byte Federal shows that regular security audits, careful selection of third-party platforms in order to maintain customer trust emphasize the need to implement modern security measures.