One of the United States of America’s biggest Bitcoin ATM operators, Byte Federal, has suffered a massive breach, which has led to the loss of sensitive data.
According to details, Byte Federal’s data breach exposed the sensitive information of over 58,000 users to the hackers. The details revealed that the hack occurred on September 30, but was discovered on November 18. The hackers breached Byte Federal’s system, gaining access through a vulnerability in GitLab, a developer tool.
Hackers breach Byte Federal through GitLab vulnerability
According to reports, the stolen data includes names, phone numbers, birth dates, social security numbers, transaction records, user photos, and government ID cards. After Byte Federal discovered the breach, it acted quickly to plug the gap and limit the extent of the harm, according to its filing with the attorney general in Maine.
The company reported that the hackers were able to breach its system through a bug in third-party developer software GitLab. The bug created the perfect opening for the hacker to slip on and steal the sensitive user details. Byte Federal became one of the targets of hackers due to its 1,200 ATMs positioned in strategic locations across the United States. These Bitcoin ATMs are fed sensitive data which it stores directly.
The company noted that it has taken several steps to make amends, including resetting user passwords and stepping up its security protocols. The ATM operator also assured its users that it was taking measures to ensure their data were safe. “We have no evidence that your personal information was compromised or misused in any manner. Nonetheless, we are taking precautionary steps to safeguard your data,” Byte Federal said.
Despite the assurances, the massive breach has raised eyebrows in the country, with most people questioning Byte Federal’s capacity to secure data. The company has also urged its users to change their passwords immediately, adding fraud alerts if necessary. Byte Federal also asked them to consider freezing their accounts with credit bureaus to prevent identity theft while keeping their eyes on their accounts for unsanctioned transactions.