AT&T Seeks Dismissal of $200M in Damages for 2018 SIM-Swap Attack
AT&T is again seeking to have punitive damages claims of $200 million dismissed in an ongoing court case between the telecoms giant and crypto investor Michael Terpin — who asserts he lost $24 million in crypto as a result of AT&T’s negligence in 2018.
In response to Terpin’s second amended complaint — filed with the court on March 16, AT&T is seeking to have two of his eight claims dismissed, alongside $200 million in punitive damage claims.
Speaking to Cointelegraph, AT&T’s Jim Kimberley stated: “Fraudulent SIM swaps are a form of theft committed by sophisticated criminals. It is unfortunate that these criminals targeted Mr. Terpin, but we dispute his allegations and will continue to fight them in court.”
AT&T pushes back against two of eight claims
During a March 30 hearing, AT&T’s representation asserted that the amended complaint fails to address the flaws with Terpin’s previous complaint, arguing that Terpin does not adequately demonstrate that the telecoms firm is guilty of deceit by concealment or deceit by misrepresentation.
“Mr. Terpin ignores the undisputed fact [...] that AT&T disclosed to him that it could not guarantee that third parties would not take unauthorized actions that would disclose his personal information,” AT&T argued, adding:
"Mr. Terpin’s deceit and misrepresentation claims seek to punish AT&T not for concealing or misrepresenting material facts, but simply for failing to provide further specifics on how Mr. Terpin’s information could be stolen."
AT&T’s lawyers are also seeking the dismissal of $200 million in damages
Terpin submits second amended complaint
Terpin, a prominent crypto investor who founded BitAngels in 2013, first filed his complaint against AT&T in August 2018 — presenting 16 claims against the company.
Judge Wright dismissed 13 of the 16 claims in July 2019, before Terpin filed an amended complaint the following month bringing nine claims.
Terpin’s second amended complaint seeks to demonstrate that the company was aware of and disregarded the prevalence of SIM-swap attacks resulting from its employees' actions.
During June 2017, hackers were able to gain control of the investor’s phone number through a SIM-swapping attack.
By impersonating Terpin using the compromised device, the hackers were able to convince one of the investor's clients to send them cryptocurrency. Terpin’s account was then placed on a “higher security level with special protection” after he met with AT&T representatives concerning the attack.
On Jan. 7, 2018, Terpin’s phone was hacked for a second time — which the investor alleges was facilitated by an employee of AT&T — resulting in the loss of nearly $24 million in digital assets after Terpin’s 2-Factor Authentication passwords were reset by the hackers.
Terpin: AT&T presented no new arguments
Speaking to Cointelegraph, Terpin asserts that his most recent filing “shows the many ways that AT&T had sufficient knowledge of and a moral responsibility to act upon the vast number of SIM-related crimes inflicted upon its customers that law enforcement has been informing them of, substantiating the claim for punitive damages.” He continues:
“It is also bizarre for AT&T to quote its original boilerplate contract language signed in one store several decades ago when it made a new agreement in another store more recently to secure my digital identity with a 'higher security' program to safeguard against a future SIM swap — without disclosing that this feature could easily be defeated by any AT&T store clerk who is bribed or tricked by a criminal gang."