American telecommunications giant AT&T (NYSE: T) is facing a $224 million lawsuit from a cryptocurrency investor and customer over alleged negligence that caused him to lose $24 million worth of cryptocurrency. According to CNBC, Michael Terpin, an American citizen, filed the $224 million lawsuit against the telecommunication giant last Wednesday. He is seeking another $200 million in punitive damages in addition to the value of the coins he lost. The plaintiff helped found an angel group for Bitcoin (BTC) investors known as BitAngels in 2013. He is also the cofounder of one of the first cryptocurrency funds, named BitAngels/Dapps Fund.
Terpin filed the 69-page long complaint in the US District Court in Los Angeles. Terpin, who has been the victim of two hacks within the short span of seven months, claims that he lost the money due to the actions of AT&T, his mobile service provider. Terpin alleges that after the first hack, the wrongdoer was able to acquire his private phone number because an AT&T insider cooperated with the hacker. He adds that the AT&T employee did not require the hacker to show any valid identification or to provide him with a passport or driver's license. He alleges that the phone number was used later on to access the cryptocurrency holdings of Terpin.
Terpin claims that "what AT&T did was like a hotel giving a thief with a fake ID a room key and a key to the room safe to steal jewelry in the safe from the rightful owner." He basically argues that the hacker and AT&T insider worked together to perform a fraudulent SIM card swap, bypassing his exchange's two-factor authentication and allowing the hacker to access and steal his coins. AT&T has disputed the allegations, stating, "we dispute these allegations and look forward to presenting our case in court." It seems likely that the case will go to trial, unless a settlement is somehow achieved.
Terpin's case is frightening for many cryptocurrency investors because it demonstrates the danger in trusting third parties like mobile service providers. The cleverness of the hacker to leverage relationships with the mobile service provider in order to access Terpin's texts is a testament to how far cryptocurrency hackers will go to steal. The main takeaway from the situation is that investors should keep large amounts of coins in cold storage or hardware wallets. If they keep their coins on an exchange account, two-factor authentication should be used through dedicated apps like Google Authenticator and Authy. Those methods are more secure than text-based authentication. As crypto hacks continue, investors need to be more vigilant.
The author owns a small amount of BTC.