Bitcoin ATM firm Byte Federal hacked via GitLab flaw, 58K users exposed
US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability.
Byte Federal is the largest US operator of Bitcoin ATMs, with over 1,200 ATMs located in forty-two states, allowing people to exchange cash for cryptocurrency.
The company is now sending out data breach notifications warning that it suffered a data breach in November after hackers gained access to its systems by exploiting a GitLab vulnerability.
"On November 18, 2024, Byte Federal became aware of a security breach by a bad actor who gained unauthorized access to one of our servers by exploiting a vulnerability in GitLab, a third-party software platform commonly used by developers worldwide for project management and collaboration with comprehensive security features," reads the Byte Federal data breach notification letter.
"Upon discovery of the incident, our team immediately shut down our platform, isolated the bad actor, and secured the compromised server."
While it is not known what specific GitLab vulnerability was exploited, GitLab has fixed numerous flaws over the past year that could be used to breach networks.
In response to the incident, the company performed a "hard reset" on all customer accounts, updated all internal passwords and account management systems, and revoked tokens and keys used for internal network access.
The notice underlines that no user funds or digital assets were compromised in this breach, but the attackers accessed the following sensitive information:
- Full name
- Date of birth
- Physical address
- Phone number
- Email address
- Government-issued ID
- Social Security number (SSN)
- Transaction activity
- User photographs
The above information is particularly sensitive and very revealing for cryptocurrency holders, potentially putting them at risk of SIM swap attacks, account takeovers, or other targeted phishing attacks.
Byte Federal says that, as of today, there is no evidence that this information has been misused.
The forensic analysis, aided by external cybersecurity experts, is still underway, and law enforcement is also involved.
Those impacted are advised to remain vigilant against unsolicited communications that could be phishing attempts and to report any suspicious incidents to the authorities.
"If you have not reset your login credentials for access to Byte Federal services, please do so now," recommends the data breach notice.
"It's important to remain vigilant for incidents of fraud and identity theft that may impact your financial security by regularly reviewing your account statements and by monitoring your credit reports."
Byte Federal has not offered any identity theft protection or credit monitoring services, so those impacted should periodically check their credit report to see if any fraudulent accounts have been created.
Instead, the company has set up a dedicated helpline at (786) 686-2983 or via email at [email protected], where people can address their concerns.