A hacker was able to upload their own Java application onto General Bytes' bitcoin ATMs, which enabled the attacker to read and decrypt API keys to access funds on exchanges and hot wallets.

The company posted a high severity security incident warning on its Confluence page on March 18. The attacker was able to access the database, download user names and passwords as well as turn off two-factor authentication and scan terminal event logs for instances when customers scanned private keys in the ATM, the company said.

"We urge all our customers to take immediate action to protect their funds and personal information and carefully read the security bulletin listed here," the company said on Twitter.

The hacker was able to mount the attack by uploading their own Java application and running it remotely, using the master service interface, which is used in bitcoin ATMs to upload videos to the server, the company said.

Both General Bytes' cloud service and standalone servers were compromised and as a result the company is closing down its cloud service.