
U.S. Investor Sues AT&T for $224M Over SIM swap and Loss of Cryptocurrency - walterbell
https://money.usnews.com/investing/news/articles/2018-08-15/us-investor-sues-at-t-for-224-million-over-loss-of-cryptocurrency
======
Bluecobra
This seems like a frivolous lawsuit to me. I would argue that the
exchange/wallet provider is more at fault here (if applicable) for using poor
security. SIM hacking/SMS intercepting is something that should be addressed,
but these issues have been known for quite some time. Companies shouldn't be
relying on them as authentication mechanisms. Seems like he is grasping at
straws here since he can't sue BYOB (Be Your Own Bank).

edit:

I found the actual text of the lawsuit here, and it's hilarious.

[https://www.law.com/therecorder/2018/08/15/prominent-
crypto-...](https://www.law.com/therecorder/2018/08/15/prominent-crypto-
investor-sues-att-for-224m-in-sim-swap-fraud/?slreturn=20180715165138)

 _The hackers also used the phone to hijack Mr. Terpin’s Skype account to
impersonate him. By that means, the hackers convinced a client of Mr. Terpin
to send them cryptocurrency and diverted a payment due to Mr. Terpin to
themselves._

Yep, AT&T totally at fault here!

~~~
gumby
I don't know, I feel that AT&T should support greater security in their
accounts -- after all they'd certainly have been happy to bill the user for
usage if the hijacked usage had incurred charges.

------
gargarplex
In the unlikely event that Mr. Terpin is reading this, could he please contact
me? I lost big money through a similar attack and would like to join as a
plaintiff.

Incidentally, I also lost big on Gox... though, in hindsight, since the money
is tied up in Japanese bankruptcy/civil rehabilitation courts, it is in a way,
also, protected..

------
Justin_K
The problem is ATT never claimed that sms for auth is secure. People just
assumed that and started doing it.

