Bitcoin Investor Sues AT&T for $224 Million after Mobile-Linked Theft

Journalist:
August 15, 2018

A bitcoin investor has sued telecommunications giant AT&T for $224 million after losing millions of dollars worth of cryptocurrency in a theft that he says is the cellular service provider’s fault.

According to CNBC, California resident Michael Terpin has filed a 69-page complaint against AT&T in U.S. District Court in Los Angeles, in which he alleges that he lost $24 million worth of cryptocurrency after the cellular service provider negligently allowed a hacker to obtain unauthorized access to his cell phone account.

Terpin, who in 2013 co-founded an angel investment group called BitAngels and was also a founding partner of the Dapps Venture Fund, claims that an individual working with the hacker impersonated him and convinced an AT&T store employee to give them access to Terpin’s phone number without requiring him to show valid identification or provide the PIN code to Terpin’s account.

“AT&T’s willing cooperation with the hacker, gross negligence, violation of its statutory duties, and failure to adhere to its commitments in its Privacy Policy,” he said in the complaint. “What AT&T did was like a hotel giving a thief with a fake ID a room key and a key to the room safe to steal jewelry in the safe from the rightful owner.”

In addition to the $24 million he lost in the two thefts, Terpin is seeking $200 million in punitive damages from AT&T, which is the world’s largest telecommunications provider and the second-largest mobile services provider.

AT&T said that it disputes the allegations and “look forward to presenting our case in court.”

In any case, the incident presents another reminder of the dangers of SMS-based two-factor authentication (2FA), which — though generally safer than not using 2FA at all — still places users at risk of SIM-card jacking attacks, in which an attacker tricks a mobile provider into transferring the victim’s mobile account to a hacker-controlled phone.

When available, security experts advise that users secure their online accounts using app- and security key-based 2FA, though unfortunately many websites do not support them. Cryptocurrency investors should also consider securing their long-term holdings in offline “cold storage” wallets, which prevent hackers from obtaining access to the private keys over the internet.

Featured Image from Shutterstock

Tags: AT&T
Josiah Wilmoth @Y3llowb1ackbird

Josiah is the US Editor at CCN, where he focuses on financial markets. He has written over 2,000 articles since joining CCN in 2014. His work has also been featured on ZeroHedge, Yahoo Finance, and Investing.com. He lives in rural Virginia. Follow him on Twitter @y3llowb1ackbird or email him directly at josiah.wilmoth(at)ccn.com.