Pierluigi Paganini December 12, 2024

US Bitcoin ATM operator Byte Federal suffered a data breach impacting 58,000 customers, attackers gained unauthorized access to a server via GitLab flaw.

US Bitcoin ATM operator Byte Federal disclosed a data breach after threat actors gained unauthorized access to a company server by exploiting a GitLab vulnerability.

Byte Federal is a company specializing in cryptocurrency services through its network of over 1,200 Bitcoin ATMs across the United States. These ATMs allow users to buy and sell Bitcoin and other cryptocurrencies, including Ethereum, Dogecoin, and stablecoins like USDC and DAI.

The incident affected 58,000 customers, and the company is notifying them about the data breach.

The company responded to the incident by shutting down its platform, locking out the attacker, and securing the compromised server. The incident response included enhanced security, a hard reset on customer accounts, and the update of internal passwords and network keys. The company is investigating the incident with the help of an external cybersecurity team.

“On November 18, 2024, Byte Federal became aware of a security breach by a bad actor who gained unauthorized access to one of our servers by exploiting a vulnerability in GitLab, a third party software platform commonly used by developers worldwide for project management and collaboration with comprehensive security features.” reads the data breach notification letter sent to the impacted customers. “Upon discovery of the incident, our team immediately shut down our platform, isolated the bad actor, and secured the compromised server.”

Potentially compromised customer personal information includes name, birthdate, address, phone number, email address, government-issued ID, social security number, transaction activity, and photographs of users.

However, the company has no evidence at this time that any of the customer information was actually compromised or misused in any manner. Nonetheless, Byte Federal is taking precautionary measures to ensure the security of its data.

Byte Federal did not reveal the GitLab vulnerability exploited by the attackers.

US Bitcoin ATM operator recommends users reset their login credentials and monitor accounts for fraud or identity theft. Users are encouraged to review statements, monitor credit reports, and place fraud alerts or security freezes with credit reporting agencies to prevent unauthorized activity. Victims of identity theft can file reports with local law enforcement or the FTC for assistance in securing their accounts.

Unlike other companies that suffered a data breach, Byte Federal has not offered any identity theft protection and credit monitoring services.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Bitcoin)