Law firm says it "humbled" T-Mobile for not preventing SIM swap attack

0comments
T-Mobile Greenberg Glusker SIM swap
A T-Mobile store in California. | Image Credit - Wave7 Research

Los Angeles-based law firm Greenberg Glusker has won $33 million from T-Mobile for a SIM swap attack victim.

The company says it has secured a $33 million arbitration award against T-Mobile due to its security lapses that enabled a SIM swap attack that led to cryptocurrency theft. The trial occurred in the fall of 2023 and the firm says that "this is the largest known SIM swap-related award on record."

Greenberg Glusker's lawyers say that T-Mobile tried its best to avoid responsibility for the SIM swap attack and even blamed the victim for the ordeal. And even though the award is now public, they accuse T-Mobile of "blocking access to details of its security failures."

James Molen, Partner Greenberg Glusker Litigation Department, March 2025

Details of the case have been published by Security Week. There have been numerous cases of bad actors hijacking customer numbers by illegally transferring them to their phones. This is usually done by convincing or tricking an employee into transferring the victim's phone number to a SIM card they own, though T-Mobilehas taken steps in recent times to make that harder.

Once a criminal uses SIM swapping to reassign a victim's number to a SIM card they own, they can gain access to accounts such as bank accounts and social media accounts that use two-factor authentication (2FA).

Greenberg Glusker's represented Joseph "Josh" Jones, who lost more than 1,500 Bitcoin and around 60,000 Bitcoin cash - valued at $38 million - as a result of a SIM swap attack. The incident happened on February 21, 2020, and was made possible by a T-Mobile employee agreeing to transfer Jones’ phone number to a SIM card owned by the attacker.

The employee's maleficence alone should not have been enough to allow the attacker to make changes as Jones PIN-protected his account. This led Jones to believe that the criminal used a backdoor on T-Mobile’s systems.

A 17-year-old diagnosed with ADHD was behind the attack. He was linked to other cybercriminals who hijacked many Twitter accounts in 2020, including those belonging to Elon Musk - who later bought the company and renamed it to X -, Bill Gates, Jeff Bezos, and Joe Biden.
Did you enjoy reading this article?
There's more to explore with a FREE members account.
  • Access members-only articles
  • Join community discussions
  • Share your own device reviews
  • Manage your newsletter choices
Register For Free

Recommended Stories

Loading Comments...
FCC OKs Cingular\'s purchase of AT&T Wireless