Wireless insiders charged in phone-access scam
The Department of Justice filed charges against a Verizon employee and 2 employees of stores selling AT&T service for using their access to hijack customer accounts.
Why it matters: Especially in the AT&T case where the accused were employees of a contractor and not AT&T itself, the cases raise questions about companies' ability to control employee behavior when the workers are able to steal data or funds from a customer.
Background: The scam, known as SIM-swapping, involves hackers breaking into victim's cellphone accounts to reset passwords on other accounts.
- From there, the hijackers can reset passwords on email, bank and other accounts that allow a phone number to serve as a form of identification.
Details: The 3 employees charged join 6 people who were indicted last week, all connected to a SIM-swapping ring.
- Those charges came a day before bitcoin investor Michael Terpin won $75 million in a lawsuit against a SIM-swapping criminal who stole millions from his cryptocurrency wallets.
- Axios Codebook profiled Terpin in September as he launched lawsuits against AT&T for allowing employees and contractors to transfer accounts without following security procedures advertised to customers.