The case was highlighted nearly a year agowhen a U.S. crypto investor, Michael Terpin filed a lawsuit against the telecom giant. The investor claimed that due to the gross negligence of AT&T, he lost, at that time, around USD 24 million worth of crypto assets. The investor cited a number of violations in the 69 page document saying it was responsible due to,
Mr. Terpin had claimed he had lost the amount due to the hacker’s ability to clone his mobile phone SIM, something he said would not be possible without the provider’s knowledge or part in the heist. Mr. Terpin was the victim of SIM cloning in which two hacks were made in a space of seven months.
Mr. Terpin is the co-founder of the investment group BitAngels. He seeks compensation of the USD 24 million he lost and an additional 200 million in damages.
AT&T has denied from the start any involvement in the incident. They claim that they have nothing to do with the cloning of the SIM. Their request for dismissal of the case, however, has been denied. Federal Judge Wright dismissed their request, in which the telecom giant pleaded to ignore their own 20133 Consent Decree, which was filed with the Federal Communications Commission. According to the clauses of the Decree, AT&T is responsible for protecting customer data and Judge Wright said that the claim clearly shows the inability of the telecom to honor its agreement, on which Mr. Terpin forms the basis of his claim,
Specifically, he objects to the exculpatory provision that exempts AT&T from liability from its own negligence, acts or omissions of a third party, or damages or injury caused by the use of the device. […] Mr. Terpin alleges that as a result of these illegal contract provisions, the entire customer agreement is unenforceable because the central purpose of the agreement is tainted with illegality. […] AT&T and Mr. Terpin have adverse legal interests of sufficient immediacy and reality to warrant a claim for declaratory judgment. The terms of the wireless customer agreement are directly implicated by this lawsuit, particularly the terms that Mr. Terpin has identified.
SIM cloning is a process in which hackers can clone the identity of a mobile SIM and run a user’s number. Many platforms, including a majority of crypto exchanges, send a reset code to user’s registered mobile number. Hackers can obtain the reset code as the SMS is sent to the cloned SIM, rather than the original user. In this way, they gain access to the online assets.