Bitcoin Depot $3.6M Hack Sparks Backlash Over 3-Day Delay

Bitcoin Depot, the largest cryptocurrency ATM operator in the United States, is facing sharp criticism after hackers reportedly drained approximately $3.6 million from company wallets, with the breach going undetected for three days.

What happened in the Bitcoin Depot hack

Hackers stole roughly 50 BTC from Bitcoin Depot’s wallets, an amount valued at approximately $3.6 million at the time of the incident. The company confirmed the cyberattack, which targeted its operational wallets rather than customer-facing ATM infrastructure.

BleepingComputer reported that Bitcoin Depot acknowledged the breach after it became public, though the company has not disclosed full technical details about how the attackers gained access.

The incident is the latest in a string of security events affecting Bitcoin-facing companies. Readers following broader institutional developments in Bitcoin will note that company-level security failures remain a persistent risk even as the asset class matures.

Why the three-day delay triggered backlash

The central point of criticism is not the hack itself but the reported three-day gap between the breach and Bitcoin Depot’s detection of it. Protos reported that the company did not spot the 50 BTC theft for three full days, raising questions about the adequacy of its internal monitoring systems.

For a publicly traded company operating thousands of crypto ATMs, a multi-day detection window for a seven-figure loss suggests gaps in real-time wallet surveillance. Critics have pointed out that blockchain transactions are publicly visible and that automated alerts for large outflows are standard practice across the industry.

The backlash centers on trust. Bitcoin Depot serves retail customers who use its ATMs to buy and sell Bitcoin, and the delayed response has prompted questions about whether the company’s security infrastructure matches the scale of its operations. A three-day detection lag on a movement of 50 BTC is difficult to reconcile with basic wallet monitoring protocols.

What Bitcoin users and investors should know

Two key takeaways emerge from this incident. First, the scale: approximately $3.6 million to $3.7 million was lost in a single breach of a major crypto infrastructure provider. Second, the delayed discovery raises questions about operational oversight at companies that custody digital assets on behalf of users.

Bitcoin Depot has not publicly confirmed whether customer funds were affected or whether the stolen BTC has been traced to any identifiable wallets. Users of Bitcoin ATM services, and investors in companies that operate within the crypto payments ecosystem, should monitor for further disclosures from the company.

The incident underscores a recurring pattern: as Bitcoin adoption grows, the companies built around it become high-value targets. The difference between a hack and a crisis often comes down to how quickly the breach is detected and disclosed.

Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Cryptocurrency and digital asset markets carry significant risk. Always do your own research before making decisions.