Cellphone carrier T-Mobile is being sued over allegations it failed to safeguard against a SIM swap scam that cost one customer $55,000 in lost bitcoin.
Richard Harris, the customer and plaintiff, is alleging T-Mobile's misconduct including its failure to adequately protect customer information, hire appropriate support staff and its violation of federal and state laws led to his loss of 1.63 bitcoin.
Harris is demanding a trial by jury, according to a court document filed last week in the U.S. Eastern District of Pennsylvania.
This isn't the first time the major U.S cellphone carrier has faced litigation over its alleged breach in its duty of care over customer data and loss of bitcoin. Earlier this year, T-Mobile was sued over a SIM-swap attack that resulted in the loss of more than $450,000 in bitcoin.
A SIM swap is a scam involving the purchase of a new prepaid SIM card. A bad actor contacts a company representative, in this case someone from T-Mobile, convinces the rep they are the victim and asks the rep to port the victim's old number to a new prepaid SIM.
From there, the bad actor can gain access to bank accounts and crypto exchange wallets and have an access code sent as a text message to the prepaid SIM.
"Numerous instances of mishandling of customer account information have occurred at T-Mobile," the complaint by Harris alleges.
Specifically, Harris argues T-Mobile violated the Federal Communications Act, which stipulates that a cellphone carrier must protect the “confidential proprietary information of [its] customers” and “customer proprietary network information.”
Harris is seeking restitution for actual, statutory, treble and punitive damages as well as for lawyer fees and prejudgment interest.
A T-Mobile representative said the company is unable to comment on pending litigation.