Cryptocurrency investor, Michael Terpin, has been robbed of roughly $24 million in cryptocurrency via his mobile phone account. As a result, AT&T faces $224M lawsuit over cryptocurrency theft. Being one of the world’s leading phone providers, this is sure to make headlines.
Terpin believes his mobile provider, AT&T, to be responsible for his loss on a number of accounts including cooperating directly with the hacker, gross negligence, violation of their statutory duties, and violation of their own privacy policy. Michael Terpin has set out to sue AT&T for $224 million; $24 million to compensate for his losses in crypto and $200 million in punitive damages. AT&T plans to dispute these allegations and present their case in court.
A Victim of Digital Identity Theft
Terpin’s cell phone account was used to hack his funds. This attack is a case of digital identity theft. On this token, Terpin has been a victim of hacking through his wireless network twice now in only 7 months. The investor’s phone number was accessed and used to steal his crypto funds. One would typically need to produce a valid ID and password to access the information used for this attack.
Terpin’s attackers did not possess his identification or passwords, so he believes an AT&T insider to have cooperated with them directly. Because a hacker was able to surpass the necessary security procedures (such as producing ID) at the hands of an AT&T insider, Terpin holds his mobile provider completely accountable for the theft.
How the Hacker Gained Access
SIM fraud was the cause of Terpin’s loss. SIM fraud takes place when an individual transfers a phone number from one SIM card to another. Therefore, if a hacker wished to conduct SIM fraud, they would call their victim’s phone provider and pretend to be them. Next, they would transfer the account holder’s phone number over to their own SIM card. This type of fraud is very dangerous. Our phones are becoming more and more central to the conducting, storing, and managing our important information, accounts, and transactions.
It would have required accurate answers to security questions to access the phone number. The problem is, most information associated with security questions is available publically. Security questions are often things such as your birthday, address, place of employment, and full name. Anyone can access this information.
Is Our Information Safe?
This case leads us to ponder the safety of the information associated with our mobile numbers. Do our mobile providers need to step up their security protocols? Alternatively, do they simply need to follow their current protocols more thoroughly? We should all make ourselves aware of potential crypto and blockchain hacks. Though, Michael Terpin’s case is not only relevant to the crypto community but rather, to everyone. Hot and cold crypto wallets are equally, if not more, secure than online banking platforms. The most secure exchanges and best crypto wallets can help solve these problems. But if you ever lose your wallet, make sure to find out how to get it back.