Excerpt from GBHackers, Published on July 11, 2025
Bitcoin Depot, one of the largest cryptocurrency ATM providers in the U.S., has confirmed a data breach involving customer data after a third-party vendor was compromised. The incident reportedly occurred in early June and led to the exposure of sensitive customer information, including names, contact details, and transaction history.
The company disclosed that the breach was not a direct attack on Bitcoin Depot’s infrastructure but rather the result of unauthorized access through a third-party service provider. Though the affected vendor was not named, the company emphasized that once the breach was discovered, it immediately launched an investigation and took corrective action.
Bitcoin Depot has notified law enforcement and is working with cybersecurity experts to mitigate the impact. Affected users have also been informed and offered complimentary credit monitoring and identity protection services.
The breach raises new concerns about the security posture of cryptocurrency-related companies, especially those relying on external vendors for data processing or system support. In the decentralized finance space, third-party vulnerabilities often become a major threat vector, and this case reinforces the need for rigorous vendor risk assessments and compliance with standards such as SOC 2 and ISO 27001.
As regulators increasingly scrutinize crypto firms, this breach could trigger broader discussions about data privacy obligations in the digital asset industry.
To delve deeper into this topic, please read the full article on GBHackers.
