The Judge engaged in the SIM Swap lawsuit against AT&T Mobility has denied a request by AT&T to dismiss the case.
The case, Terpin v. AT&T Mobility, pertains to a $24 million loss of cryptocurrency that was facilitated by SIM Swap fraud. Terpin is requesting a $224 million judgment against AT&T, a company that he alleges did little to protect him against a well-known fraud tactic the carrier could have easily stopped.
According to a note from Terpin’s representatives, Judge Otis Wright II rejected the wireless carrier’s effort to dismiss the lawsuit in its entirety, allowing Terpin to pursue federal claims for violation of the Federal Communications Act, breach of contract, and other violations of law.
Judge Wright flatly denied AT&T’s request to disregard the 2011 Consent Decree with the Federal Communications Commission compelling protection of A&T consumer’s data privacy.
As part of the court’s decision, Terpin must amend some of his claims.
Pierce O’Donnell, a partner with the law firm of Greenberg Glusker Fields Claman & Machtinger, said that Judge Wright “strongly repudiated AT&T’s audacious bid” to prevent Terpin from pursuing the case.
“The evidence will show that AT&T not once, but twice allowed hackers posing as Michael to obtain his SIM card,” said O’Donnell.
Quoting Judge Wright:
“Mr. Terpin has sufficiently alleged that AT&T permitted unauthorized access to his proprietary information, specifically his account information and private communications.”
According to Terpin’s team, AT&T forces consumers to sign an “oppressive, one-sided form contract that purports to relinquish any right to hold the telco giant financially responsible for its wrongful acts.”
AT&T unsuccessfully sought to prevent Terpin’s multi-prong challenge to the legality of the contract.
Judge Wright added:
“Mr. Terpin’s claim … seeks to declare AT&T’s wireless customer agreement as unconscionable, void against public policy, and unenforceable in its entirety. … Specifically, he objects to the exculpatory provision that exempts AT&T from liability from its own negligence, acts or omissions of a third party, or damages or injury caused by the use of the device. … Mr. Terpin alleges that as a result of these illegal contract provisions, the entire customer agreement is unenforceable because the central purpose of the agreement is tainted with illegality.… AT&T and Mr. Terpin have adverse legal interests of sufficient immediacy and reality to warrant a claim for declaratory judgment. The terms of the wireless customer agreement are directly implicated by this lawsuit, particularly the terms that Mr. Terpin has identified.”
Terpin said he was grateful for Judge Wright’s decision stating that AT&T must be held accountable.
“If AT&T demonstrated the same zeal to totally revamp its porous security system as it does to suppress the damning evidence of its callous indifference to its customers, we would not be in court,” said Terpin.
SIM Swap frauds have become prevalent in the cryptocurrency sector as virtual currency can be moved quickly across borders. While mobile companies have been made aware of shortcomings in their operational protocols, little has been done to date to stomp out the fraud.
Typically, a SIM Swap fraud takes place either via an “inside job” where an employee is complicit in the fraud. Or, alternatively, an individual convinces poorly trained representatives of a fake identification.
Once an individual has control of a users mobile phone in a cloned device, they can quickly reset all of the passwords via 2-factor authentication. While pitched as heightened security, two-factor ends up becoming a skeleton key to an individual’s private accounts.
Even requests to only allow in-person changes to accounts at major mobile carriers have been ignored thus implying a heightened degree of culpability.
The original complaint as filed by Terpin’s law firm is embedded below.
Terpin v. ATT Mobility August 2018 Complaint-as-Filed-3063362-1