Trump says Iran war "close to over" amid hopes for more negotiations
Bitcoin Depot Inc. disclosed that unauthorized parties accessed its information technology systems on March 23, 2026, and transferred approximately 50.903 Bitcoin valued at $3.665 million from company-controlled wallets.
The company activated incident response protocols upon detection, engaged external cybersecurity experts, and notified law enforcement. The unauthorized actors obtained control of credentials associated with Bitcoin Depot’s digital asset settlement accounts, according to the company’s filing.
Bitcoin Depot stated the incident was contained to its corporate environment and did not affect customer platforms, divisions, systems, data or environments. The company has not identified evidence that customer personally identifiable information was accessed or exfiltrated, though the investigation remains ongoing.
The company determined on April 6, 2026, that the incident is material due to potential consequences including reputational harm and legal, regulatory and response costs. Bitcoin Depot recorded a preliminary loss estimate of approximately $3.665 million, representing the fair value of the transferred Bitcoin as of the incident date.
Bitcoin Depot maintains insurance coverage that may cover certain cybersecurity incident losses, but stated there is no assurance such coverage will be sufficient to recover losses from this incident. The company believes the incident is not reasonably likely to have a material impact on its financial condition or results of operations.
The investigation continues with third-party specialists to determine the full scope and nature of the incident. Bitcoin Depot is working with cybersecurity experts to reinforce its information technology systems and prevent future unauthorized access.