- Jul 22, 2014
- 2,525
PIN 'ignored' – no wonder T-Mob has put out an alert
A bloke from Washington is suing T-Mobile USA after miscreants were able to steal his phone number and take all his crypto-coins.
Carlos Tapang this week told the US state's western district court that the telco broke America's Federal Communications Act when, in November of last year, it allowed strangers to get control of Tapang's phone number and use it to take over his cryptocurrency wallets and drain thousands of dollars in digital money.
According to Tapang's complaint [PDF], the raid occurred on November 7 last year when someone contacted T-Mob and asked the carrier to transfer his number to a device on AT&T's network.
Rather than ask for a PIN to authorize the transfer, which Tapang claims he asked the telco to require as a safety precaution, T-Mobile staff simply signed ported the number as requested, letting AT&T assign the cell number to a device controlled by the criminals, it is alleged. From there, the thieves used the cell number to reset the password on Tapang's online cryptocurrency account – which was linked to that number – and then take over its wallets and drain his funds.
In total, Tapang's suit claims the pilfered currency amounted to 2.875 Bitcoins, worth approximately $20,350 at the time. The wallets held 1,000 OmiseGo (OMG) tokens, and 19.6 BitConnect coins, which were converted into BTC by the crooks, it is claimed.
Tapang does not appear to be the only person to have allegedly had a phone number stolen via a fraudulent port-out request. Enough victims have reported account thefts that T-Mob has set up a website to deal with the issue. Punters are told to set up a PIN to protect their numbers, but according to Tapang that safeguard is useless.
.....
.....
A bloke from Washington is suing T-Mobile USA after miscreants were able to steal his phone number and take all his crypto-coins.
Carlos Tapang this week told the US state's western district court that the telco broke America's Federal Communications Act when, in November of last year, it allowed strangers to get control of Tapang's phone number and use it to take over his cryptocurrency wallets and drain thousands of dollars in digital money.
According to Tapang's complaint [PDF], the raid occurred on November 7 last year when someone contacted T-Mob and asked the carrier to transfer his number to a device on AT&T's network.
Rather than ask for a PIN to authorize the transfer, which Tapang claims he asked the telco to require as a safety precaution, T-Mobile staff simply signed ported the number as requested, letting AT&T assign the cell number to a device controlled by the criminals, it is alleged. From there, the thieves used the cell number to reset the password on Tapang's online cryptocurrency account – which was linked to that number – and then take over its wallets and drain his funds.
In total, Tapang's suit claims the pilfered currency amounted to 2.875 Bitcoins, worth approximately $20,350 at the time. The wallets held 1,000 OmiseGo (OMG) tokens, and 19.6 BitConnect coins, which were converted into BTC by the crooks, it is claimed.
Tapang does not appear to be the only person to have allegedly had a phone number stolen via a fraudulent port-out request. Enough victims have reported account thefts that T-Mob has set up a website to deal with the issue. Punters are told to set up a PIN to protect their numbers, but according to Tapang that safeguard is useless.
.....
.....
