Despite its ability to track this highly suspicious behavior, AT&T failed to use this technology to protect Mr.
AT&T therefore had the technology to track how many different accounts were being on to the same telephone, as demonstrated by its ability to pull this information for law enforcement. Shapiro's SIM swap had requested that 40 different AT&T wireless accounts be moved onto his phone (identified by its IMEI number) in the months leading up to Mr. These employees were "prolific SIM swappers," with White conducting 29 unauthorized SIM swaps in May 2018 and Jack conducting 12 unauthorized swaps that same month, the lawsuit said.ĪT&T also informed law enforcement that the hacker involved in Mr. JD paid White $4,300 to conduct SIM swaps, including the swaps in May 2018 that targeted Shapiro, and paid $585.25 to White, the lawsuit said. Shapiro's phone to a SIM card in a phone controlled by JD and others," the lawsuit said. Shapiro's AT&T account from the SIM card in Mr. "riminal investigations reveal that a third-party (an individual identified by authorities as 'JD') paid Jack and White to change the SIM card associated with Mr. Shapiro backs up his lawsuit with details from a criminal case filed by the US government against nine people, including former AT&T employees Robert Jack and Jarratt White. AT&T's "employees actively profited from this unauthorized access by knowingly giving control over his phone number to hackers for the purposes of robbing him," the lawsuit says. In Shapiro's case, AT&T employees did not just unwittingly give hackers control over his phone, the lawsuit says.
"Meanwhile, the victim's phone loses its connection to the carrier network." "The hacker's phone then becomes the phone associated with the victim's carrier account, and the hacker receives all of the text messages and phone calls intended for the victim," the complaint continues. In a SIM-swap attack, "the SIM card associated with the victim's wireless account is switched from the victim's phone" to someone else's, which "effectively moves the victim's wireless phone-including any incoming data, texts, and phone calls associated with the victim's phone-from their phone to a phone controlled by the third party," the lawsuit notes. Shapiro's AT&T wireless number-including control secured through cooperation with AT&T employees-to access his personal and digital finance accounts and steal more than $1.8 million from Mr. The hackers then utilized their control over Mr. Shapiro's phone to a phone controlled by third-party hackers in exchange for money. Shapiro's AT&T wireless account, viewed his confidential and proprietary personal information, and transferred control over Mr. On at least four occasions between and May 18, 2019, AT&T employees obtained unauthorized access to Mr. The complaint, filed on October 17 in US District Court for the Central District of California, says: Plaintiff Seth Shapiro of Torrance, California, says that AT&T is liable for the acts of its employees and failed to implement systems and procedures to prevent them from pulling off the scheme. A lawsuit against AT&T alleges that the carrier's employees helped hackers perform SIM-swap attacks on a customer and rob him of $1.8 million worth of cryptocurrency.