New Bit Ventures Ltd.

The Washington State Office of the Attorney General disclosed a data breach affecting **New Bit Ventures Ltd. (Coinmama)** in April 2019. The incident stemmed from unauthorized access discovered on **February 17, 2019**, compromising the personal information of **1,221 Washington residents**. The exposed data included **names, mailing addresses, and dates of birth**, though no **Social Security numbers, credit/debit card details, or financial records** were accessed. The breach did not involve ransomware or direct financial fraud but raised concerns over potential identity theft or targeted phishing due to the leaked personally identifiable information (PII). The company did not specify whether the breach resulted from a vulnerability, external cyber attack, or insider threat, but the nature of the incident aligns with a **data breach** where customer records were improperly accessed. No evidence suggested broader systemic failures or operational disruptions beyond the exposed PII.

Source: https://www.atg.wa.gov/data-breach-notifications | https://data.wa.gov/resource/sb4j-ca4h.json?id=10621

TPRM report: https://www.rankiteo.com/company/new-bit

"id": "new301091825",
"linkid": "new-bit",
"type": "Breach",
"date": "12/2018",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': '1,221 (Washington residents)',
                        'industry': 'Cryptocurrency Exchange',
                        'name': 'New Bit Ventures Ltd. (Coinmama)',
                        'type': 'Private Company'}],
 'attack_vector': 'Unauthorized Access',
 'data_breach': {'data_exfiltration': 'Yes',
                 'number_of_records_exposed': '1,221',
                 'personally_identifiable_information': ['Names',
                                                         'Mailing Addresses',
                                                         'Dates of Birth'],
                 'sensitivity_of_data': 'Moderate',
                 'type_of_data_compromised': ['Personal Information']},
 'date_detected': '2019-02-17',
 'date_publicly_disclosed': '2019-04-02',
 'description': 'The Washington State Office of the Attorney General reported '
                'a data breach involving New Bit Ventures Ltd. (Coinmama) on '
                'April 2, 2019. The breach, which occurred due to unauthorized '
                'access, was discovered on February 17, 2019, and affected '
                'approximately 1,221 Washington residents, compromising '
                'personal information including names, mailing addresses, and '
                'dates of birth. No social security or credit/debit card '
                'numbers were accessed.',
 'impact': {'data_compromised': ['Names',
                                 'Mailing Addresses',
                                 'Dates of Birth'],
            'identity_theft_risk': 'Moderate (Personal Information '
                                   'Compromised)',
            'payment_information_risk': 'None (No Credit/Debit Card Numbers '
                                        'Accessed)'},
 'references': [{'source': 'Washington State Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'Washington State '
                                                       'Office of the Attorney '
                                                       'General'},
 'response': {'communication_strategy': 'Public Disclosure via Washington '
                                        'State Office of the Attorney General'},
 'title': 'New Bit Ventures Ltd. (Coinmama) Data Breach',
 'type': 'Data Breach'}