Bitcoin Depot Inc. disclosed a cybersecurity incident resulting in the unauthorized transfer of approximately 50.9 BTC, valued at around $3.66 million. The breach, identified on March 23, involved compromised credentials for its digital asset settlement accounts. The company stated customer systems were unaffected and the incident is under investigation with external experts and law enforcement.
Bitcoin Depot Inc. reported a cybersecurity breach in a recent 8-K filing. An unauthorized party transferred about 50.9 Bitcoin, worth approximately $3.66 million, from company-controlled wallets.
The attacker gained access to parts of the firm’s internal IT systems on March 23. They obtained credentials linked to Bitcoin Depot‘s digital asset settlement accounts to execute the unauthorized transfers.
The company confirmed the incident was contained within its corporate environment. No evidence that customer-facing platforms, systems, or personal data were affected.
Bitcoin Depot has activated its incident response protocols and engaged external cybersecurity experts. It has also notified law enforcement as part of an ongoing investigation.
The breach targeted operational accounts used for liquidity management and fund flows. It underscores risks in off-chain infrastructure and traditional credential security rather than blockchain vulnerabilities.
The company stated it does not expect a material impact on its financial condition or operations. It recorded a preliminary loss estimate of $3.66 million, though the final figure may change.
Bitcoin Depot maintains insurance coverage for cybersecurity incidents. Recovery of the full losses remains uncertain at this stage.
The incident reflects a broader pattern of breaches originating from internal systems in the digital asset industry. Securing operational infrastructure remains a critical component of risk management for crypto firms.
