Byte Federal, one of the largest Bitcoin ATM operators in the United States, said the personal data of thousands of customers may have been compromised in a recent breach.
In documents filed with the Maine attorney general, Florida-based Byte Federal said the hackers had access to names, addresses, phone numbers, government-issued IDs, social security numbers, transaction activity and photos of users. It said it attempted to access the data of 58,000 customers.
The company said the breach occurred on September 30th and was discovered by Byte Federal on November 18th. It said an anonymous attacker gained access to the company's network by exploiting a vulnerability in third-party software. The company said in a blog post in November that the bug was in the popular developer platform GitLab.
Byte Federal, which operates more than 1,200 Bitcoin ATMs (electronic kiosks where you can buy and sell cryptocurrencies) across the United States, said it has since hard-reset all customer accounts and updated internal passwords.