Crypto investor Michael Terpin has written an open letter to Federal Communications Commission (FCC) chairman Ajit Pai requesting urgent action on SIM swapping fraud.
Terpin, a victim of SIM swapping himself, asked the regulator to make mobile carriers hide customer passwords from employees and to provide a “no port” option, whereby customers would have to go through a company’s fraud department before transferring their SIM information to a new phone.
In a SIM swap, criminals pose as the owners of a victim’s mobile phone number, convincing telecom providers to grant them access to the SIM card. The same kind of hack affected Twitter CEO Jack Dorsey in September.
In August 2018, Terpin sued AT&T alleging that AT&T employees had been complicit in a SIM swap fraud that saw hackers steal $24 million in cryptocurrency. In July, a Los Angeles federal judge ruled that AT&T must answer Terpin’s lawsuit, which also alleges a violation of the Federal Communications Act, a breach of contract and other legal violations. Terpin is seeking $23.8 million in compensatory damages as well as $200 million in punitive damages.
The court has granted Terpin the right to try both a claim of breach of contract and a violation of the Federal Communication Act in court. Now, the case is moving slowly as AT&T is filing more motions to dismiss on the damages he is requesting, pushing Terpin to further prove that he lost cryptocurrency in the hack and that the carrier is responsible for his economic losses.
In the letter to the FCC, revealed exclusively to CoinDesk, Terpin said more than 50 individuals have reached out to him saying they were also victims of SIM swapping hacks, with millions in additional losses. Terpin implored Pai to investigate SIM swapping with the same rigor that the FCC went after robocalling.
Terpin told CoinDesk that all of those individuals were from the crypto community.
“I’m sick and tired of this happening while AT&T denies it,” Terpin said. “There’s no future of a billion people on blockchain without the phone companies fixing this.”
Terpin’s suggested remedies would mean telecom employees couldn’t see passwords and consumers would have to enter them themselves. A “no port” option would mean that a user would have to go through a telecomm’s fraud department if they wanted to transfer their SIM information without their old phone present.
Terpin says FCC’s Pai has made robocalling “a top priority” when he “doesn’t know anyone losing millions from robocalling.”
He hopes to meet with the FCC chairman soon to make his case. “I hope this doesn’t happen to future generations of people interested in cryptocurrency and blockchain or that they’re afraid to get in because they think they will be hacked,” he added.
Image of Michael Terpin, farthest on the left, from CoinDesk archives.