Silver Miller, a Florida-based law firm involved in many crypto-related lawsuits, is suing AT&T and T-Mobile after customers accused the telecom giants of allowing hackers to swap their SIM cards, in what appears to be an elaborate scheme by fraudsters. The security breaches resulted in the theft of cryptocurrency worth nearly $1.3 million.
A Silver Miller’s client claimed that the AT&T’s lack of security allowed hackers to enter his account, even after it increased security following an earlier attempted hack, and steal crypto coins worth roughly $620,000.
It is unclear exactly how the thieves replaced the client’s mobile SIM, but the lawsuit suggests they impersonated him to AT&T’s customer-service agents and requested that the phone number be transferred to their own device.
The Carrier Was at Fault Here
Once the thieves had access to his phone number, they were able to request a password change and reset the security on many of his accounts, effectively locking him out. The hackers also changed the password on his cryptocurrency account and initiated the transfer of digital assets to their own wallets.
Deloitte’s Banking Report Forecasts the Future of Social DistancingGo to article >>
“What AT&T did was like a hotel giving a thief with a fake ID a room key and a key to the room safe to steal jewelry in the safe from the rightful owner,” the complaint alleged.
In other cases also filed by Silver Miller, T-Mobile clients thought they were playing it safe, employing two-factor authentication. But all of that apparently doesn’t mean much as the victims were robbed of $400,000 and $250,000, respectively, when T-Mobile permitted SIM swaps to take place in similar incidents.
The lawsuit described the case as an example of classic identity theft, in which hackers gained access to sensitive financial information by stealing personal data. The plaintiff is seeking damages and injunctive relief, claiming that the company was at fault and thus should pay compensation.