- Byte Federal discloses data breach impacting 58,000 users due to a GitLab vulnerability exploited on September 30.
- Hackers accessed extensive personal data including names, IDs, Social Security numbers, and transaction details from Bitcoin ATM users.
Byte Federal, a leading Bitcoin ATM operator in the United States, has disclosed a significant security breach affecting 58,000 users. This incident, which came to light on November 18 but occurred on September 30, involved unauthorized access through a vulnerability in GitLab, a tool widely used by software developers.
The breach allowed hackers to access a comprehensive set of personal data including names, birthdates, addresses, phone numbers, email addresses, government-issued IDs, Social Security numbers, transaction records, and user photos.
The company reported the incident to the attorney general in Maine, outlining the steps taken to mitigate the damage. Byte Federal attributes the breach to a flaw in the GitLab software that enabled attackers to infiltrate its network and access customer information.
Following previous events, reported in ETHNews, this exposure raises significant concerns about the security measures in place to protect highly sensitive user data stored by the company’s 1,200 Bitcoin ATMs across the country.
In response to the breach, Byte Federal has taken several corrective actions. These include resetting customer accounts, updating passwords, and enhancing its security protocols to prevent future incidents. The company has communicated to its users that although there is no evidence of the compromised information being misused, it has implemented precautionary measures to secure user data.
Despite these assurances, the breach has sparked widespread concern about the adequacy of Byte Federal’s security frameworks to safeguard against sophisticated cyber threats. Users of Byte Federal services are urged to change their passwords immediately and consider placing fraud alerts or freezing their credit reports with major credit bureaus to prevent potential identity theft.
Additionally, customers are advised to monitor their bank accounts and credit reports for any unusual activity that might suggest exploitation of the stolen data.
This event underscores the ongoing challenges and risks associated with securing personal and financial information in the digital age, particularly within the cryptocurrency sector, where such data is a prime target for cybercriminals.