Bitcoin Depot Data Breach Impacts 26,732 Customers

Bitcoin Depot, a leading operator of Bitcoin ATMs, has revealed a substantial data breach that has impacted 26,732 of its customers. The breach was first detected on June 23, 2024, when the company identified suspicious activity on its information systems. In response, Bitcoin Depot launched an investigation, engaging third-party security experts to assess the extent of the breach. The investigation confirmed on July 18, 2024, that a hacker had accessed documents containing personal data of the affected customers. The stolen information included names, phone numbers, and driver’s license numbers, with some records also containing home addresses, birth dates, and email addresses.

The company was unable to notify affected users earlier due to an ongoing federal investigation. The disclosure hold was only lifted on June 13, 2025, when law enforcement confirmed that their investigation had concluded. Bitcoin Depot emphasized that there is no evidence so far that the exposed data has been misused. The company is offering support to affected individuals and has implemented new security measures, improved system monitoring, and increased internal awareness to help prevent future incidents.

Users are advised to stay vigilant over the next 12 to 24 months and are urged to monitor financial accounts, review credit reports, and report any suspicious activity or signs of identity theft immediately. The breach comes amid a wave of targeted attacks on crypto service providers, as threat actors continue to evolve their tactics to prey on unsuspecting individuals and entities. It echoes a similar December 2024 breach on rival crypto ATM operator Byte Federal, which exposed personal data of more than 58,000 users.

Bitcoin Depot is currently the largest crypto ATM operator in the United States, with a network of over 8,000 kiosks nationwide. The exposure of personal data can have far-reaching consequences for affected users, including identity theft and financial fraud. Customers are advised to monitor their accounts closely and report any suspicious activity to their financial institutions. Additionally, changing passwords and enabling two-factor authentication can help mitigate the risks associated with such breaches.

This event highlights the broader issue of data security in the cryptocurrency sector. As more individuals and institutions adopt digital currencies, the importance of protecting sensitive information becomes paramount. Companies must invest in advanced security measures and regularly update their systems to stay ahead of evolving cyber threats. The incident at Bitcoin Depot serves as a cautionary tale for other operators in the industry, emphasizing the need for continuous vigilance and proactive security strategies. The breach underscores the ongoing challenges faced by cryptocurrency companies in safeguarding user data. As the use of Bitcoin ATMs continues to grow, so does the potential for cyber threats. This incident serves as a reminder of the critical need for robust cybersecurity protocols within the industry. Bitcoin Depot's prompt notification to customers is a positive step, allowing individuals to take necessary precautions to protect their personal information.