Last week was blockchain week in New York, and on Wednesday I was at the Consensus conference to moderate a couple of panels, one of which was titled “Policing the Blockchain: Protecting Investors and Consumers.”
It was an exciting discussion for me, because one of the panelists, Michael Terpin, had been the victim of a SIM-swapping, or phone-number porting attack, in which thieves took control of his phone and email accounts and used their access to pillage some $24 million of Terpin’s cryptocurrency. I’d written a magazine feature for Fortune on the trend back in 2017, and it is now so common that several investors were hacked while attending last year’s Consensus conference; when I polled the audience at my panel, at least two people in the crowd admitted to having experienced a similar attack.
When I covered the issue almost two years ago, catching the culprits seemed rather hopeless, given the scant attention these cases were getting from law enforcement. But in Terpin’s case, investigators in California managed to track down at least one of the thieves, who has since pleaded guilty to stealing the crypto–and last week, days before our panel, a court awarded Terpin nearly $76 million in damages.
Finally, it seems, there is justice for victims of crypto theft.
But throughout the discussion another disturbing pattern emerged. Terpin’s investigation had led him to AT&T, his cellphone carrier at the time, which he is now suing in federal court. (AT&T ranks No. 9 on this year’s Fortune 500 list, which we just released last week.) Terpin, who runs a blockchain-focused PR firm, alleges that the attackers took control of his phone by convincing an AT&T store employee to switch his phone number to a new device despite not knowing his pin code. Often, Terpin said on the panel, attackers will bribe AT&T employees with $100 to override the pin requirement; more than 40 phone hacks track back to one employee in a store in Tucson, Arizona, he claimed.
An AT&T spokesperson told the New York Post last month that “Mr. Terpin is wrong, and we have asked the court to dismiss his complaint.”
But David Silver, a lawyer who specializes in going after cryptocurrency fraud, also sat on the panel. And not only was Silver a victim of the same type of attack when he, like Terpin, used AT&T for his cellphone carrier, but the lawyer is now representing more than 30 other clients who are suing AT&T for the attacks they suffered themselves. (While he is also pursuing similar cases against Verizon, T-Mobile and Sprint, they are far fewer in number, Silver said.)
While the hackers have gotten more sophisticated, Silver said, “for lack of a better term–hell, I’m on camera–AT&T is working with them.”
AT&T is “the absolute weak link,” added Terpin, who is now advocating for regulations that would put more security in place to prevent carriers from so easily handing over or bypassing customers’ pin numbers.
“Michael and I will both tell you, AT&T’s security isn’t worth the money you pay for it,” said Silver.
Their advice: “If you have an AT&T account, switch it over immediately to anybody else,” Terpin suggested. He recommends using Google Fi or T-Mobile instead.
For now, Silver is forced to argue his cases in private arbitration with AT&T, and according to him, the cellphone carrier is claiming that its terms of service shield it from liability in all such cryptocurrency thefts.
We’re now less than a month away from Fortune’s inaugural Brainstorm Finance conference in Montauk June 19-20! There are still a few spots left for attendees–while the conference is invitation-only, you can email us to request one.
THE LEDGER’S LATEST
What ‘Game of Thrones’ and the Crypto Market Have in Common by Seth Patinkin
Exclusive: Scammed Porn Watchers Have Paid Nearly $1 Million in Bitcoin Blackmail by Jeff John Roberts
Well, That Was Fast… Bitcoin Drops $1,000 in 24 Hours by Chris Morris
To the Moon… Coinbase is reportedly in talks to buy Xapo. Facebook is hiring compliance officers from Coinbase. The “crypto candidate for President” gains steam. “The World’s First Blockchain Battle Royale With Cheese.” ‘Crypto Winter’ is finally leaving (or so it seems). Bitcoin gets Anderson Cooper’s “60 Minutes” treatment. A 20-year-old claims millions in Bitcoin trading profits. The number of newly created banks is climbing again after years of declines.
…Rekt. JPMorgan predicts Bitcoin prices will soon fall back down. Banks’ refusal to do business with crypto companies may have led to problems at Bitfinex, Quadriga. The SEC delays its decision on the VanEck Bitcoin ETF. Blockchain projects have so many bugs they’re paying hackers big bucks to fix them. The Consensus blockchain conference had fewer attendees and more suits in lieu of costumes. Ripple CEO still uses cash, doesn’t expect to replace bank completely. TD Ameritrade and eBay deny cryptocurrency plans.
BALANCING THE LEDGER
This week, Barry Silbert, the CEO of Digital Currency Group, joined me and Robert Hackett on “Balancing the Ledger.” We discussed Bitcoin’s recent (and historical) market reaction to trade war fears and other geopolitical concerns; why central banks might one day transition from buying gold to buying cryptocurrency; DCG’s potential IPO aspirations; and more.
Bitcoin vs. Stocks. The S&P 500 has bounced back this year after its December plunge, but uncertainty over trade talks between the U.S. and China and other geopolitical tensions have sparked volatility and selloffs. Bitcoin, meanwhile, has surged in recent weeks even as stocks have fallen–and the increase in the Bitcoin price has far outpaced the stock market’s rise:
S&P 500: 13%
FOMO NO MO’
Standing up to the SEC. Katie Haun, the federal prosecutor turned crypto VC at Andreessen Horowitz, has essentially written a case study looking at messaging app Kik’s engagement with the U.S. Securities and Exchange Commission over whether Kik’s ICO violated the law. Kik (which is not a portfolio company of Andreessen Horowitz) vowed in an unusual public response to the SEC late last year that it would fight any such accusations in court. Based on Kik’s argument so far and the “publicly available facts,” Haun preliminarily sides with Kik, concluding that “this case isn’t the best vehicle [for the SEC] to take action on.” Here are the facts that helped convince her, which, she writes, “the SEC will need to contend with”:
50% of participants in the token sale purchased less than $1000 of Kin, which seems more consistent with a consumptive use vs. investment purpose argument.
The way in which Kik structured things encouraged broad participation and discouraged speculation, for example, by capping the amount an individual could purchase to ensure more participants used its network.
It delayed its token sale to ensure functionality of the network first, making sure it could be used now vs. just in the future.
Since the token sale, the use of Kin has increased.