Cell phone carrier T-Mobile is staring down a lawsuit over allegations it failed to safeguard against a SIM swap scam that cost one customer $55,000 in lost bitcoin.
Plaintiff Richard Harris is alleging T-Mobile’s misconduct including its failure to adequately protect customer information, hire appropriate support staff, and its violation of federal and state laws led to his loss of 1.63 bitcoin.
Harris is demanding a trial by jury, according to a court document filed last week in the U.S. Eastern District of Pennsylvania.
It isn’t the first time the major U.S cell phone carrier has faced litigation over its alleged breach in its duty of care over customer data and loss of bitcoin. Earlier this year, T-Mobile was sued over a SIM-swap attack that resulted in the loss of more than $450,000 in bitcoin.
A SIM swap is a type of scam involving the purchase of a new prepaid SIM card. A bad actor contacts a company representative, in this case, T-Mobile, convinces the rep they are their victim’s identity and asks the rep to port the victim’s old number to a new prepaid SIM.
From there, the actor can then gain access to bank accounts, crypto exchange wallets, and more simply by having an access code sent as a text message to the prepaid SIM.
“Numerous instances of mishandling of customer account information have occurred at T-Mobile,” the complaint by Harris alleges.
Specifically, Harris argues T-Mobile violated the country’s Federal Communications Act, which stipulates that the cell phone carrier must protect the “confidential proprietary information of [its] customers” and “customer proprietary network information.”
As such, the plaintiff is seeking restitution for a number of damages including actual, statutory, treble, and punitive as well as lawyer fees and prejudgment interest.