A US cryptocurrency investor, Michael Terpin registered a $224 million lawsuit against AT&T on Wednesday, accusing negligence of the telecommunication giant to protect his personal mobile information.
He is seeking $24 million as compensatory damage and $200 million in punitive damage.
Terpin is the co-founder of the first angel group for Bitcoin investors, BitAngels, established in 2013. He is also the founding member of the first digital currency fund, BitAngels/Dapps Fund, created in March 2014; and a senior advisor to one of the world’s largest digital currency hedge funds, Alphabit Fund.
The cryptocurrency investor tweeted yesterday, “Somebody needed to sue AT&T for fraud and gross negligence in letting criminals SIM swap.”
Through an e-mail, an AT&T spokesperson responded to the Terpin’s allegations: “We dispute these allegations and look forward to presenting our case in court.”
Cryptocurrency Investor Mobile Data Hacked
Terpin sued AT&T on August 15 filing a complaint about his mobile data hack in a 69-page charge sheet submitted to the U.S. District Court in Los Angeles.
The lawsuit states that the complainant’s mobile account was hacked twice in a duration of seven months, the first time in early January this year and then again in June. In the process, Terpin lost approximately three million tokens of digital currency amounting to $24 million.
SIM Swap Fraud
According to the registered accusation, Terpin highlighted a known loophole in AT&T security system – SIM swap fraud.
SIM swap consists of deceiving a telecom service provider into granting access to a subscriber’s phone number through a SIM card controlled by the imposter. Once the imposter gets access to the phone number, they can reset the original phone number’s passwords, alter the route of incoming call and messages and log into the victim’s online accounts including cryptocurrency wallets.
In the cryptocurrency investor’s case, the number was reportedly authorized to an international criminal gang. AT&T failed to secure its own two-factor authentication protection system and gave into the hackers’ trick.
In fact, at one point, using Terpin’s Skype credentials, the hackers convinced one of his clients to deposit money in their personal account, reports The Fast Company.
To tighten the authentication process further, AT&T integrated additional password security into Terpin’s mobile system. To this, as per Terpin’s lawsuit, AT&T accepted to him that one of the company’s employees in Connecticut had disclosed his number to the hacker without the need for the special passcode or even a scannable ID.
Digital Currency Theft
It is easier for hackers to steal digital currency since it is relatively difficult to trace them. And this is not the first time that such threats have emerged. Such incidents have come into the spotlight earlier too including that of Black Lives Matter activist DeRay McKesson.
“In recent incidents, law enforcement has even confirmed that AT&T employees profited from working directly with cyber terrorists and thieves in SIM swap frauds,” Terpin emphasized.
In a statement, Terpin added that “mainstream adoption of cryptocurrency cannot take place as long as phone company employees are handing over critical unauthorized access to the heart of everyone’s digital lives.”