Byte Federal says hackers stole the data of 58,000 customers from its systems

News13 Dec 2024

Byte Federal, one of the largest bitcoin ATM providers in the U.S, said that the data security incident it suffered in November compromised the sensitive personal information of approximately 58,000 individuals.

Headquartered in Venice, Florida, Byte Federal is a financial technology (FinTech) company specialising in Bitcoin ATMs, digital assets, and software development.

In a data security incident notification filed with the Office of Maine Attorney General this week, Byte Federal said that on November 18, it became aware of a security breach where an unauthorised third party gained access to one of its servers by exploiting a vulnerability in software provided by a third party.

The company immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident. It also took remedial actions to mitigate the impact of the incident, stating that it “shut down our platform, isolated the bad actor, and secured the compromised server.”

“We also made immediate enhancements to our systems, security, and practices. For example, our team performed a hard reset on all customer accounts. We have also updated all of our internal passwords, password management system, tokens and keys for our network to prevent any further unauthorised access,” Byte Federal added.

The compromised data included names, dates of birth, addresses, phone numbers, email addresses, government-issued IDs, social security numbers, transaction activity details, and photographs of users. Byte Federal has, however, assured its users that no user funds or assets were compromised.

While the FinTech giant found no evidence of the compromised information being misused, it has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and state attorney general. It has also urged all users to reset their login credentials to access Byte Federal services.

At the time of publishing, no known hacker group has claimed responsibility for the cyber attack on Byte Federal. The company also did not share details on who is behind the attack or whether it has received a ransom demand.