A United States Bitcoin ATM operator, Byte Federal, recently disclosed a cyber incident. This incident was caused by a GitLab vulnerability and led to the exposure of 58,000 users.
Byte Federal became aware of the unauthorized access on November 18th and shut down the platform in order to contain the malicious actor. According to Byte Federal, there has been no evidence that personal data was compromised, nor that user assets or funds were lost. However, the user data subject to the unauthorized access attempt includes:
- Names
- Dates of birth
- Address
- Phone number
- Email address
- Transaction activity
- Government identification
- Social Security Number
- User photographs
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, comments, “It seems like Byte Federal is doing all the right things in response to this security breach. Other companies should take note. My biggest worry would be a user's funds or private keys being compromised, but this doesn't appear to have happened, and that's a good thing. Although, the information the attacker did have access to could easily be used in sophisticated spear phishing attacks using crypto-related themes. That's really the only remaining worry. Byte Federal customers have to understand that some attackers intent on stealing their crypto value could use learned information against them in sophisticated phishing attacks and act accordingly.”