T-Mobile Faces Federal Lawsuit After Hackers Steal User’s Cryptocurrencies

T-Mobile

This past Sunday Carlos Tapang, a T-Mobile USA Inc. customer, filed a suit in federal court against the company, alleging lax security measures made it possible for hackers to access his wireless account and steal the cryptocurrency from his mobile wallet —  tens of thousands of dollars worth.

Tapang, of Washington state, accuses T-Mobile of having “improperly allowed wrongdoers to access” his wireless account on November 7th of last year. After the attack, the hackers cancelled his number and transferred it to an AT&T account under their control. “T-Mobile was unable to contain this security breach until the next day,” when it finally got the number back from AT&T, Tapang alleges in the suit.

The cybercriminals got away with 1,000 OmiseGo (OMG) tokens and 19.6 BitConnect coins. Next, they exchanged the coins for 2.875 Bitcoin, according to the suit. On November 7th, the price of Bitcoin was $7,118.80, so had the hackers cashed out then they would have netted a profit of $20,466.55. In just weeks after the incident, the token’s price reached almost $20,000 per coin, but given the volatility of Bitcoin prices, and perhaps a desire to quickly turn the coins into cash, it’s unlikely the hackers benefited from the surge.

The suit alleges T-Mobile is at fault partly because the carrier said it would add a PIN code to Tapang’s account prior to the incident — but no PIN was implemented. And Tapang says there are other weaknesses: He alleges hackers are able to call T-Mobile’s customer support multiple times in attempts to gain access to customer accounts. After several tries, sometimes they’re able to get an agent on the line that will grant them access without requiring further identity verification. The complaint also lists several anonymous internet users who have posted about similar security breaches to their own T-Mobile accounts.

Tapang alleges he couldn’t use his cellphone number and had to “expend time, energy, and expense,” and also suffered “emotional distress” from the incident. He’s seeking damages and injunctive relief, which could order T-Mobile to develop better security measures.

Mobile and internet security will come under further scrutiny as incidents such as this increase with the growing popularity of cryptocurrencies. Companies providing these services to their customers will likely need to implement tougher security measures to protect themselves from similar lawsuits and protect their clients from cybercriminals.

  • xrpsailor

    ummmm … it is someone elses fault that he did not secure his assets properly? sounds like a personal problem … when people start figuring out that they are the ones responsible for their life … well, that would be good.

    • john

      guy was using 2fa which is standard good practice today. thieves logged into account and transferred funds. Issue is with T mobile and plaintiff will easily win

      • CoverYourBases

        Well, first off, he bad Bitconnect (Bitconnnneeeect!!) so the story could end right there as far as how knowledgeable this guy is.

        Second, if he was using 2FA, the thieves, even though they cloned his phone, would not be able to log into his Bitconnect account (assuming he did, in fact, set up 2FA on is Bitconnect account).

        So yeah, T-Mobile could definitely take some flack here for not following the guys instructions and adding pin protection to his account even thought they said they would. That’s worth some damages me thinks.

        As far as losing his Bitconneeeect (sorry) tokens, he would have lost those when that Ponzi scheme finally imploded on January 17 of this year.

        So the issues of investing in a ponzi scheme and, apparently, not enabling 2FA on hot wallet run by said ponzi scheme is all on him.

    • d.duck

      ur stupid

  • diksoutforXMR

    Sucks to suck


Subscribe to our newsletter



Related Posts