Bitcoin Depot Discloses Data Breach That Doxxed 27K Customers
Crypto ATM operator Bitcoin Depot has revealed that 27,000 of its customers' data was compromised in a mid-year data breach, but assured users that there is "no evidence" of customer information being misused.
The Breach: A Major Security Incident
According to a notice filed with attorneys general in Maine and Massachusetts on Monday, Bitcoin Depot reported an external system breach that affected 26,732 users' data. The breach occurred on June 23, 2024, and was attributed to an "external party" who accessed files containing personal information of certain customers.
The company's spokesperson explained that law enforcement advised them to delay notification due to an active investigation into the third-party responsible for the breach. However, after receiving clearance from authorities, Bitcoin Depot began notifying those affected by the incident.
What Information Was Exposed?
The breached data reportedly includes sensitive information such as names, phone numbers, driver's license numbers, and potentially addresses, birth dates, and emails. While there is no evidence of customer information being misused, users have been advised to monitor their credit reports and report any suspicious activity.
Precautions and Measures
To mitigate the risk of misuse, Bitcoin Depot has recommended that customers create fraud alerts and security freezes with credit agencies. These measures will alert creditors to take extra precautions before opening or changing credit accounts in their name.
A Pattern of Vulnerability?
Bitcoin Depot's spokesperson noted that the company had detected unusual activity on its network in June 2024 and immediately launched an investigation with a leading cybersecurity firm. The cybersecurity firm confirmed that an unauthorized party accessed files containing personal information of certain customers.
A Repeat Offender?
This data breach is not an isolated incident, as hackers have been targeting Bitcoin ATM operators before. For example, Byte Federal disclosed a data breach in December that potentially affected 58,000 customers after a vulnerability in software provided by a third-party was exploited.
A Cautionary Tale
The recent Coinbase hack also serves as a reminder of the vulnerabilities in online systems and the importance of robust security measures. While law enforcement may be able to investigate and prosecute perpetrators, it is often too late for users who have already been doxxed or had their personal information compromised.
A Call to Action
As Bitcoin Depot continues to enhance its security measures and improve data protection practices, users must remain vigilant. By taking proactive steps to monitor their accounts and report suspicious activity, individuals can help minimize the risk of identity theft and financial loss.