The Target: Crypto ATM operator Bitcoin Depot
The Take: Bitcoin Depot said in its notice to customers that the breach involved their name, phone number, driver’s license number and could have also included addresses, birth dates and emails.
The Vector: On July 18, 2024, the cybersecurity firm finished its investigation and “confirmed that an unauthorized party accessed files containing personal information of certain customers,” according to a spokesperson and the customer notice.
This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.