Phone service provider AT&T is once again being sued over a potential SIM-swapping case. This time, the plaintiff is a man named Seth Shapiro, who says that AT&T mishandled his number transfer, causing him to lose as much as $1.9 million in cryptocurrency funds.
SIM-Swapping Isn’t Disappearing
SIM-swapping has become one of the most dangerous and prominent ways of garnering funds that one has no right to. The process can be done in one of two ways. The hacker potentially gets a hold of a victim’s private information, such as their date of birth, their social security number, and other sensitive data. They then call up the phone service provider of the victim and explain that they are looking to move the phone number over to another device.
Should the customer service representative ask them specific questions, the hacker – most of the time – has the answers, as they have garnered the private information of the person in question. From there, the phone transfer occurs, and the hackers now have access to the person’s many accounts granted they ever accessed them via mobile means.
The other SIM-swapping method is to simply bribe the customer service representative in question. By offering them a little money, the person becomes a willing aid in the hacker’s attempts to gain control of the victim’s data.
Shapiro claims that his “life savings” were stolen in the recent hack on his phone. He also says that an AT&T employee facilitated the phone transfer and aided the hacker in gaining access to his private cryptocurrency accounts. Shapiro had wallets with several cryptocurrency platforms and exchanges, including Coinbase, KuCoin, Bitfinex and HitBTC. The attack occurred in New York in the year 2018, though the case has taken roughly 24 months to make its way to court.
Initially, it looks like the hacker in question had only gotten control of Shapiro’s phone, not his accounts. Shapiro noticed that one day, his phone was no longer connecting to the AT&T network. He thus traveled to the nearest store and purchased a new phone and a new SIM card to stop what he thought was potential SIM-swap activity at the time. It was during this window that the hacker managed to wipe out all his crypto accounts.
Chalk Up Another Case
Court documents allege:
In Mr. Shapiro’s case, not only did AT&T employees access his account and authorize changes to that account without Mr. Shapiro’s consent, but its employees actively profited from this unauthorized access by knowingly giving control over his phone number to hackers for the purpose of robbing him.
The case is strangely similar with that of Michael Terpin, who is also suing AT&T for potentially turning a blind eye to his own SIM-swapping experiences. Terpin is now suing both the phone company and the alleged teenage hacker for more than $71 million.