Kris Carlon / Android Authority
Tl; Dream
- T-Mobile was required to pay $ 33 million in compensation after losing an arbitration case related to a major security failure.
- The case involved a SIM change attack that allowed hackers to steal $ 38 million in Cryptocurrency from a customer’s account.
- The fracture happened even if the victim had extra protection, which aroused concern as hackers bypassed T-mobile’s safety through a back door.
T-Mobile Has paid $ 33 million to settle a private arbitration case involving a major SIM change event resulting in tens of millions of dollars theft in Cryptocurrency. The payment, revealed through a petition submitted in a Los Angeles court, follows a high -profile legal match promoted by California Law Firm Greenberg glushes.
according to WeekWho underwent the legal submissions, the arbitration award from a cyberattack in February 2020 derived as a targeted technical entrepreneur Joseph “Josh” Jones. The attackers managed to hijack Jones’ T-Mobile account and port phone number of a SIM card they controlled. When in possession of the number, they could access and empty his cryptocurrency owners, and steal over 1500 Bitcoin and about 60,000 Bitcoin cash. At that time, the stolen assets were valued at $ 38 million.
The report claims that despite the fact that Jones has added increased security to his T-Mobile account, including an eight-digit pin, the attackers may have utilized internal vulnerabilities or a back door in T-mobile systems. Greenberg glushes claims that “many safety failure” in the wireless supplier enabled the breach, claiming that the company’s internal security measures were not up to the mark.
The arbitration award, which was completed in late 2023, had been held confidential until recently. The law firm said T-Mobile tried to seal details of security lapses, but a recent petition to confirm the allocation brought these details in public views.
In a statement to WeekGreenberg glushes lawyer Paul Blechner not chopped words: “Sim exchange has been an uncontrolled security error for years. Carriers that T-Mobile have known about it and failed to take basic precautions. This price makes it clear: They have to make it better.”
SIM exchange (also known as SIM hijacking) is a long-term online crime tactic in which attackers convince a carrier staff to transfer a victim’s number to a new SIM card, giving them control over two-factor authentication codes and access to sensitive accounts. When an attacker is in control of a target number, they can reset passwords, bypass authentication protection and get entry IU post, bank or cryptocurrency platforms.
Law enforcement later identified the person behind the Jones attack as a 17-year-old diagnosed with ADHD. The individual allegedly had links to hackers Nima Fazeli and Joseph O’Connor, who was involved in the 2020 Twitter hack who compromised dozens of high-profile accounts, including Elon Musk, Joe Biden and Bill Gates.
This case is not the only time T-Mobile has been linked to SIM switch-related events. In recent years, the tactics have gained notoriousness for use in high efforts and major data breaches. In 2023, the consulting firm Kroll received a SIM exchange attack that involved T-Mobile as vulnerable data from several bankruptcy cryptopics, including FTX, Blockfi and Genesis. A year earlier, an American man was convicted of stolen $ 20 million in crypto via SIM change.