AT&T Seeks Dismissal of $200M in Damages for 2018 SIM-Swap Attack

Published at: April 1, 2020

AT&T is again seeking to have punitive damages claims of $200 million dismissed in an ongoing court case between the telecoms giant and crypto investor Michael Terpin — who asserts he lost $24 million in crypto as a result of AT&T’s negligence in 2018.

In response to Terpin’s second amended complaint — filed with the court on March 16, AT&T is seeking to have two of his eight claims dismissed, alongside $200 million in punitive damage claims.

Speaking to Cointelegraph, AT&T’s Jim Kimberley stated: “Fraudulent SIM swaps are a form of theft committed by sophisticated criminals. It is unfortunate that these criminals targeted Mr. Terpin, but we dispute his allegations and will continue to fight them in court.”

AT&T pushes back against two of eight claims

During a March 30 hearing, AT&T’s representation asserted that the amended complaint fails to address the flaws with Terpin’s previous complaint, arguing that Terpin does not adequately demonstrate that the telecoms firm is guilty of deceit by concealment or deceit by misrepresentation.

“Mr. Terpin ignores the undisputed fact [...] that AT&T disclosed to him that it could not guarantee that third parties would not take unauthorized actions that would disclose his personal information,” AT&T argued, adding:

"Mr. Terpin’s deceit and misrepresentation claims seek to punish AT&T not for concealing or misrepresenting material facts, but simply for failing to provide further specifics on how Mr. Terpin’s information could be stolen."

AT&T’s lawyers are also seeking the dismissal of $200 million in damages

Terpin submits second amended complaint

Terpin, a prominent crypto investor who founded BitAngels in 2013, first filed his complaint against AT&T in August 2018 — presenting 16 claims against the company. 

Judge Wright dismissed 13 of the 16 claims in July 2019, before Terpin filed an amended complaint the following month bringing nine claims. 

Terpin’s second amended complaint seeks to demonstrate that the company was aware of and disregarded the prevalence of SIM-swap attacks resulting from its employees' actions.

During June 2017, hackers were able to gain control of the investor’s phone number through a SIM-swapping attack. 

By impersonating Terpin using the compromised device, the hackers were able to convince one of the investor's clients to send them cryptocurrency. Terpin’s account was then placed on a “higher security level with special protection” after he met with AT&T representatives concerning the attack.

On Jan. 7, 2018, Terpin’s phone was hacked for a second time — which the investor alleges was facilitated by an employee of AT&T — resulting in the loss of nearly $24 million in digital assets after Terpin’s 2-Factor Authentication passwords were reset by the hackers.

Terpin: AT&T presented no new arguments

Speaking to Cointelegraph, Terpin asserts that his most recent filing “shows the many ways that AT&T had sufficient knowledge of and a moral responsibility to act upon the vast number of SIM-related crimes inflicted upon its customers that law enforcement has been informing them of, substantiating the claim for punitive damages.” He continues:

“It is also bizarre for AT&T to quote its original boilerplate contract language signed in one store several decades ago when it made a new agreement in another store more recently to secure my digital identity with a 'higher security' program to safeguard against a future SIM swap — without disclosing that this feature could easily be defeated by any AT&T store clerk who is bribed or tricked by a criminal gang."

Tags
Related Posts
Decentralized Apps May Solve SIM Swapping Woes
In the US alone, over $55m has been stolen through SIM swapping attacks since 2018. NEM, a blockchain-based ecosystem, believes that decentralized apps could provide a meaningful solution to this problem. According to NEM, they’re working with a solution called “FIX Network”, which was established to help mobile subscribers secure private keys and transactions on SIM cards. The network leverages a blockchain-based protocol to support the security and privacy of mobile subscribers, NEM explains: “This unique architecture will allow mobile operators to deliver services such as digital identity management, cryptocurrency wallets, and personal data firewalls, all enabled by the safekeeping …
Technology / July 31, 2020
Cellebrite Launches Crypto Tracer Solution to Track Illicit Transactions
Digital intelligence firm Cellebrite has launched its “Cellebrite Crypto Tracer” solution. The new offering is powered by CipherTrace and aims to trace illicit cryptocurrencies involved in money laundering, terrorism, drugs, human trafficking, weapon sales and ransomware schemes. The suite of tools will be available to investigators, analysts and non-technical agents who want to lawfully obtain evidence and trace criminals who use cryptos like Bitcoin (BTC) through the darknet. Citing figures from an Oxford University study, Cellebrite states that an estimated $76 billion worth of illegal activities involve Bitcoin. Curating millions of information references to trace transactions The Cellebrite Crypto Tracer …
Technology / July 28, 2020
Nefarious Parties Peddled Half a Million Zoom Profiles on Darknet
Recent data shows parties selling a massive number of Zoom accounts in the far reaches of the internet. In darknet and hacking forums, perpetrators are pawning off 500,000 user accounts from the popular internet video conferencing site, BleepingComputer said in an April 13 report. Hackers utilized former leaked information The infiltrators used multiple methods to gain access to the plethora of Zoom accounts. “These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches,” the report said of Zoom users’ information. “The successful logins are then compiled into …
Technology / April 14, 2020
Coinbase discloses recent cyberattack targeting employees
Crypto exchange Coinbase experienced a cybersecurity attack targeting its employees on Feb. 5. The attack came through SMS scams and involved impersonations of IT staff, according to a recent report from the company's engineering team. No customers' funds or information were impacted, the firm said. As per the report, on a late Sunday several Coinbase employees received SMS messages requiring them to urgently log in via the link provided to access an important message. Acting in a good faith, one employee followed the exploiter' instructions: "While the majority ignore this unprompted message - one employee, believing that it’s an important …
Technology / Feb. 22, 2023
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023