On March 17-18th, 2023, General Bytes, a leading provider of cryptocurrency ATMs and point-of-sale (POS) solutions, experienced a security incident that impacted their internal infrastructure and systems. According to the company’s official statement, the incident resulted in unauthorised access to some of their servers and databases, potentially exposing sensitive data of their customers, partners, and employees.
What happened? While the details of the incident are still being investigated, General Bytes confirmed that the attackers gained access to their network through a compromised employee account. From there, they were able to bypass some of the company’s security measures and access servers and databases containing sensitive information. The attackers also attempted to install malware on some of the systems, but it’s unclear if they were successful.
What data was affected? The company stated that the attackers potentially accessed data such as names, email addresses, phone numbers, and in some cases, encrypted passwords of their customers, partners, and employees. It’s worth noting that General Bytes does not store any credit card or financial information on their systems, so that data was not compromised. However, the company advised all affected parties to change their passwords as a precautionary measure.
What is General Bytes doing about it? General Bytes has taken immediate action to contain the incident and secure their systems. They are working with cybersecurity experts to investigate the incident, identify the scope of the breach, and implement additional security measures to prevent similar incidents from happening in the future. They also informed law enforcement authorities about the incident and are cooperating with them in the investigation.
What should you do? If you’re a customer, partner, or employee of General Bytes, it’s recommended that you change your password as soon as possible, especially if you use the same password on other accounts. You should also monitor your accounts and financial statements for any suspicious activity and report it to General Bytes and your financial institution immediately.
Conclusion The General Bytes security incident serves as a reminder of the importance of strong cybersecurity measures and the constant threat of cyber attacks.
At Kulan InfoSecurity, we recommend that individuals and businesses take proactive steps to safeguard their assets and data, such as using strong passwords, enabling two-factor (2FA) authentication, and regularly backing up important information. We also encourage everyone to stay informed about the latest security threats and best practices, and to seek expert advice when necessary.
We will continue to monitor this incident and provide updates as more information becomes available. In the meantime, we hope that all individuals and businesses in the cryptocurrency industry will take this incident as a reminder to prioritise security and take steps to protect themselves and their customers.