Bitcoin Depot, a crypto ATM operator, has recently alerted its users about a data breach that has exposed the personal information of approximately 27,000 individuals. This notification comes from both the Maine and Massachusetts Attorney Generals, revealing that 26,732 users were impacted by an “external system violation” that took place on June 23, 2024.
A spokesperson for Bitcoin Depot mentioned to Cointelegraph that they had to postpone notifying users due to directives from federal law enforcement, who were conducting an investigation into the responsible third parties. They noted, however, that as of June 13, the investigation had been completed, allowing the company to finally reach out to affected customers.
In a broader context, crypto and tech firms have disclosed over 16 billion compromised login details associated with popular online services recently. These companies frequently find themselves under attack, as illustrated by a hacking incident involving user data from Crypto Exchange Coinbase last May.
Details of the Breach
Bitcoin Depot indicated that the compromised data could include names, phone numbers, driver’s license numbers, and possibly addresses, birth dates, and email addresses. A spokesperson reassured that there’s currently “no evidence” of customer information being misused and emphasized their commitment to data protection.
The company has advised customers to monitor their credit reports closely, report any suspicious behavior, and consider setting up fraud alerts and security freezes with financial institutions. They’ve also urged creditors to exercise caution when modifying accounts.
Investigation and Response
In June 2024, Bitcoin Depot revealed that they noticed unusual activity on their network, prompting an immediate investigation with a cybersecurity firm. By July 18, the investigation concluded, confirming that a fraudulent entity had accessed files containing personal information of customers.
While specifics were not provided, the company noted that it is collaborating with law enforcement on the incident and is enhancing security measures to prevent future occurrences.
Previous Incidents
This breach isn’t an isolated event; hackers have previously targeted Bitcoin ATM operators. In December, a breach involving external software vulnerabilities potentially affected around 58,000 customers, prompting immediate action to secure user assets. Coinbase also reported earlier this year that it was a target of a hacking attack, during which they encountered a ransom demand of $20 million after user data was leaked.
