Cyber Incident Victim: BIT Mining Limited

On December 3, 2022, BIT Mining Limited’s subsidiary BTC.com experienced a cyberattack resulting in the theft of digital assets. The incident involved approximately $700,000 in client-owned assets and $2.3 million in company-owned assets. BIT Mining, a NYSE-listed cryptocurrency mining and mining pool operator, disclosed the breach on December 26, 2022, confirming the attack targeted BTC.com’s digital asset services. The company promptly reported the incident to law enforcement authorities in Shenzhen, China. Internal coordination and local collaboration enabled the partial recovery of some compromised digital assets, though specific technical details of the attack vector or perpetrator were not disclosed. The theft exclusively impacted digital asset holdings, with no disruption to BTC.com’s client fund services or broader mining pool operations.

Following the breach discovery, BIT Mining implemented enhanced cybersecurity measures designed to block and intercept malicious actors, though exact technical specifics were not elaborated. By December 23, 2022, Shenzhen authorities had formally initiated an investigation, evidence collection, and inter-agency coordination to trace the stolen assets. BIT Mining committed significant resources to recovery efforts but did not specify methodologies or timelines. BTC.com resumed normal business operations post-attack, maintaining functionality across all non-digital asset services, including its blockchain browser and multi-currency mining pool supporting BTC, ETH, and LTC. The incident underscored operational risks in digital asset management but did not affect the company’s mining hardware manufacturing through subsidiary Bee Computing or its data center activities. No additional breaches or system compromises were reported following the initial December 3 attack.