Key Takeaways
- On March 23, Bitcoin Depot revealed a cyberattack that resulted in the theft of 50.9 BTC (approximately $3.7M) from corporate wallets
- Hackers successfully compromised login credentials associated with the company’s digital asset settlement infrastructure
- No customer-facing systems, personal information, or user data was compromised in the incident
- Bitcoin Depot has documented an estimated $3.665 million loss and indicated potential insurance reimbursement
- Shares of BTM surged 15.6% to close at $2.74 on Wednesday following the announcement
Bitcoin Depot has confirmed that cybercriminals infiltrated its information technology infrastructure on March 23, 2026, successfully extracting roughly 50.9 BTC — valued at approximately $3.665 million — from wallets under company control.
According to the company’s disclosure, the perpetrators secured access credentials connected to its cryptocurrency settlement account infrastructure. After gaining entry, they executed transfers of the digital assets before detection systems flagged the unauthorized activity.
Bitcoin Depot immediately implemented its security incident response framework upon discovering the breach. The company engaged specialized cybersecurity consultants and alerted appropriate law enforcement agencies.
The firm emphasized that the security compromise remained isolated within its internal corporate network. Consumer-facing platforms, operational systems, and sensitive customer information remained completely unaffected.
On April 6, the company classified the incident as material, pointing to possible reputational damage along with anticipated legal, regulatory, and remediation expenses. Bitcoin Depot established a provisional loss figure of $3.665 million, calculated using the fair market value of the Bitcoin when the theft occurred.
The company maintains cybersecurity insurance policies that could provide partial compensation for such losses. Nevertheless, Bitcoin Depot warned that complete recovery of all stolen funds through insurance claims remains uncertain. Management stated the incident is not anticipated to materially affect the company’s broader financial position.
A comprehensive forensic examination continues with external security specialists to identify the complete extent of the vulnerability.
Challenges Mount for Bitcoin ATM Operator
This security incident compounds existing difficulties facing Bitcoin Depot. In recent weeks, Connecticut financial regulators revoked the company’s money transmission authorization, claiming violations of the state’s 15% fee limitation across 1,015 separate transactions — allegedly overcharging 510 customers by roughly $150,426.
Additionally in March, Bitcoin Depot appointed Alex Holmes to serve as chairman and chief executive officer. Holmes brings extensive experience from his tenure leading MoneyGram International between 2016 and 2024, culminating in the company’s $2 billion acquisition by Madison Dearborn Partners.
Regarding financial performance, Bitcoin Depot reported net profits of $4.7 million for 2025, representing a decline from $7.8 million in 2024. Management projects core revenue will decrease between 30% and 40% throughout 2026, attributing the downturn to evolving state-level regulations and increasingly stringent compliance mandates.
Market Response
Countering conventional expectations, BTM shares rallied 15.6% to reach $2.74 at Wednesday’s closing bell following the theft announcement.
Despite this single-day gain, the stock has plummeted 88% over the trailing six-month period.
The forensic investigation continues, with Bitcoin Depot stating it is implementing enhanced security protocols across its IT infrastructure to prevent similar unauthorized access in the future.
