by Avi Mizrahi
February 8, 2018
Cryptocurrency use requires great personal responsibility with regards to data security. Investors need to not only make sure they are using best security practices but must also hope that service providers that have the potential to jeopardize their holdings do so as well. In a recent federal court case, a T-Mobile client claims that the company exposed his money to hackers.
T-Mobile US, Inc. (NASDAQ: TMUS), the third largest wireless carrier in the United States, is facing a lawsuit from a customer for allegedly enabling the theft of his cryptocurrency. Carlos Tapang from Washington state claims that T-Mobile “improperly allowed wrongdoers to access” his mobile account on November 7 2017.
According to the suit, the company’s lax security measures enabled the criminals to transfer his phone number to an AT&T account which they control without his consent. And with this in their hands, they were able to change the password of one of his bitcoin exchange accounts and steal his cryptocurrency. “T-Mobile was unable to contain this security breach until the next day,” Tapang alleges. The hackers then shifted the spoils of 1,000 omisego (OMG) tokens and 19.6 bitconnect coins for 2.875 BTC, worth $20,466.55 at the time, and transferred it out of his exchange account.
According to the allegations, T-Mobile is partially for the loss responsible because it was meant to add a PIN code to the account before November 7, but the measure wasn’t finally implemented. The company is also accused of allowing scammers to repeatedly call T-Mobile’s customer support until eventually a representative would mistakenly grant them control over customer accounts without the needed identity verification.