Bitcoin Depot Reports Data Breach Affecting 27,000 Customers

Bitcoin Depot, a prominent crypto ATM operator, has recently disclosed a data breach that occurred in mid-2024, affecting nearly 27,000 customers. The breach, which was detected on June 23, 2024, involved the exposure of sensitive personal information, including names, phone numbers, driver’s license numbers, addresses, birth dates, and email addresses.

The company notified its users of the breach on Monday, filing a notice with attorneys general in Maine and Massachusetts. According to the notice, the breach was the result of an “external system breach” and was investigated by federal law enforcement. Bitcoin Depot was directed by law enforcement to delay notification due to an active investigation into the third party responsible for the breach. The company was recently cleared to begin notifying those affected.

Bitcoin Depot has assured its customers that there is no evidence of the exposed information being misused. The company has advised customers to monitor their credit reports, report any suspicious activity, and create fraud alerts and security freezes with credit agencies. These measures are intended to protect customers from potential identity theft and fraud.

The breach at Bitcoin Depot is part of a broader trend of cyberattacks targeting crypto and tech companies. Hackers have exposed over 16 billion login credentials to popular online services and stolen user data from various platforms, including the crypto exchange Coinbase in May. These incidents highlight the ongoing threat of cyberattacks in the digital age and the importance of robust cybersecurity measures.

In response to the breach, Bitcoin Depot has taken steps to enhance its security measures and increase awareness of data security protection. The company has cooperated with law enforcement over the incident and is committed to protecting customer data and privacy. The breach serves as a reminder of the vulnerabilities in the crypto industry and the need for continuous vigilance and improvement in cybersecurity practices.

This incident is not an isolated one. Hackers have targeted Bitcoin ATM operators before, with Byte Federal disclosing a data breach in December that potentially affected 58,000 customers. The breach at Byte Federal was the result of a vulnerability in software provided by a third party. Similarly, Coinbase was targeted by bad actors who bribed third-party contractors to obtain customer information. These incidents underscore the need for enhanced security measures and vigilance in the crypto industry.