- Cellphone providers left loopholes that exposed their customers to hackers
- Criminals collude with rogue telecom employees to swap SIM cards
- Millions of dollars in crypto stolen
A U. S-based law firm that that specializes in prosecuting cryptocurrency related cases has filed a lawsuit against AT&T and T-Mobile for SIM card enabled cryptocurrency hacks. The lawsuit suggests that the cell phone providers left security protocols with loopholes that exposed their customers to exploitation.
Poor security on the companies’ part cost their customers millions
According to a November 8, 2018 press release published by Silver Miller law firm on behalf of cryptocurrency holders, who allegedly became victims of cryptocurrency theft through the infamous “SIM-swapping” scandal, the telecommunication companies failed to train and monitor their employees, becoming complicit in identity theft. The statement read:
“By leaving holes in their security protocols and failing to properly train and monitor their employees, cellphone providers have assisted thieves in remotely taking over the SIM cards in people’s smartphones, accessing financial records and account information of the victims, and emptying the victim’s accounts of cryptocurrency and other valuable assets.”
According to the statement, one of their clients lost an equivalent of $621,000 worth of cryptocurrency days after AT&T had assured them of enhanced security following an earlier attempted attack. The law firm says two more of its clients lost $400,000 and $250,000 respectively after T-Mobile allowed the SIM swaps to take place.
Criminals get a duplicate SIM card associated with an account and empty millions of dollars without the knowledge of the owners. The criminals will call the telecommunication company posing as the victim looking for help to replace their card and end up stealing personal information, financial information, money, and digital assets from the account related to the SIM card.
SIM swapping exists for legitimate reasons such as when a card gets damaged or when someone is changing providers. However, criminals collude with rogue or careless telecom employees to have a user’s account details reassigned to another SIM card, allowing the hackers complete access to calls, messages, and notifications. The law firm says:
“…in a few moments’ time, can allow a thief to steal millions of dollars of an unsuspecting victim’s assets with little more than a persuasive plea for assistance, a willing telecommunications carrier representative, and an electronic impersonation of the victim.”
A report from Krebs on Security in California says SIM swapping by hackers is on the rise. Santa Clara County Sherriff Samy Tarazi says the main perpetrators are “kids aged mainly between 19 and 22 being able to steal millions of dollars in cryptocurrencies.” The firm is inviting everyone who has been victimized by SIM swapping attacks and has lost money to contact them.