Bitcoin Depot Reports $3.665 Million Bitcoin Theft Following Cybersecurity Incident
Bitcoin Depot Inc. disclosed a material cybersecurity incident discovered on March 23, 2026, where an unauthorized party gained access to its information technology systems. This breach led to the unauthorized transfer of approximately 50.903 Bitcoin, valued at $3.665 million as of the report date, from company-controlled wallets. The company promptly activated incident response protocols, engaged external cybersecurity experts, and notified law enforcement, believing the incident was contained to its corporate environment without affecting customer platforms or data. While the incident has not materially impacted operations to date, Bitcoin Depot determined it is material due to potential consequences including reputational harm, legal, regulatory, and response costs.
Key Highlights
- On March 23, 2026, Bitcoin Depot Inc. discovered an unauthorized party gained access to certain of its information technology systems.
- The unauthorized actor obtained control of credentials associated with the Company’s digital asset settlement accounts.
- Approximately 50.903 Bitcoin, valued at approximately $3.665 million as of the report date, was transferred without authorization.
- The Company believes the incident was contained to its corporate environment and did not affect customer platforms, divisions, systems, data, or environments, with no evidence of customer personally identifiable information access identified to date.
- Bitcoin Depot activated incident response protocols, engaged external cybersecurity experts, and notified law enforcement in response to the incident.
- On April 6, 2026, the Company determined the incident is material due to potential consequences, including reputational harm, legal, regulatory, and response costs, despite no material impact on operations as of the report date.