Byte Federal Reports Data Breach Impacting 58K Customers
Byte Federal Inc, a leading operator of Bitcoin ATMs in the United States, reported that up to 58,000 customers were affected by a data breach on September 30, 2024, discovered on November 18. A filing to the Maine Attorney General from COO and CIO Lee Hansen revealed that 111 Maine residents were impacted. The breach occurred through an external system.
Hackers gained unauthorized access to a server by exploiting a vulnerability in GitLab, a third-party software platform. Byte Federal confirmed that no user funds or digital assets were compromised, but critical user information was stolen, including on-chain transaction history, photographs, phone numbers, email addresses, government-issued IDs, social security numbers, physical addresses, birth dates, and names.
This data can enable attackers to track Byte Federal customers and potentially coerce them into cashing out funds. To mitigate risks of fraud and identity theft, Byte Federal recommended all customers reset their login credentials and advised placing a fraud alert or security freeze with relevant agencies.
Impact of Byte Federal on Bitcoin and Altcoin Industry
Byte Federal operates over 1,200 Bitcoin ATMs in the U.S. The company performed a hard reset on all customer accounts and updated internal passwords following the breach. However, trust among customers has diminished, potentially impacting the company's ability to attract new users compared to competitors.
Other major Bitcoin ATM operators in the U.S. include General Bytes (over 12,000 kiosks), Genesis Coin (over 9,600 kiosks), BitAccess (over 8,800 kiosks), and Bitstop (over 2,600 kiosks).
The cryptocurrency sector is expected to expand as more Web2 companies engage with it and legislators introduce supportive regulations. Additionally, the U.S. may implement strategic Bitcoin reserve legislation aimed at purchasing up to 1 million BTCs to address national debt challenges.