A cyber thief was able to trick AT&T into providing Michael Terpin’s account information, enabling that thief to make off with nearly $24 million in cryptocurrency belonging to Terpin, according to a complaint filed in the U.S. District Court for the District of California in Los Angeles.
In the lawsuit, among other things, Terpin alleges that AT&T was negligent in failing to protect its customers’ private data, and that it willfully disregarded unlawful transactions between AT&T employees and cyber thieves. Terpin claims that his digital currency was lost due to a “SIM swap fraud,” where the customer’s phone number is transferred to a SIM card operated by a hacker, who then resets the customer’s passwords and logs into their accounts in order to obtain confidential data and access to assets. Terpin believes that an AT&T employee cooperated in the swap that caused him to lose digital coins that would have been valued at $23.8 million in January of 2018, during a time where the value of the bitcoin was soaring, as previously reported by the BSCR financial services law blog. Because he has been publicly involved in cryptocurrency enterprises, Terpin was a prime target for cyber thieves.
AT&T has responded to the complaint publicly, stating, “We dispute these allegations and look forward to presenting our case in court.” Terpin, though, alleges that the telecommunications juggernaut has simply become “too big to care,” prioritizing expansion and acquisition over investing in hiring qualified professionals, providing ongoing training, or investing in systems that would better protect customer data.
While it remains to be seen what the outcome of this litigation will be, this lawsuit serves as a cautionary tale to any large institution that possesses sensitive online account data of its customers. These institutions would be well advised to look into their hiring and training procedures, as well as to consider implementing secure storage systems, in order to curtail future liability. BSCR will continue to monitor this litigation and will provide updates as milestones occur in the case.
An action filed in the United States District Court for the Western District of Missouri culminated after four years with a consent order that is catching attention due to its unusually small civil penalty, particularly in light of the severity of the conduct being penalized.
Richard Moseley Sr. and others, as well as a multitude of LLCs operating under his control (the “Defendants”), reached a consent judgment in the amount of $69,623,528, representing the amount of Defendants’ ill-gotten gains from their illegal payday lending scheme. But, in that same order, execution of the judgment was suspended upon certain conditions, including the following: (1) that Defendants agree not to participate in any further lending or financial services activities, (2) that they permit the CFPB to work with the Department of Justice to use funds from their bank accounts seized in a separate criminal action, and (3) that they each pay a civil penalty of just one dollar.
This anemic civil penalty was figured based upon affidavits and documents Defendants provided to the Bureau showing their lack of ability to pay the judgment amount, or apparently even a small fraction of it.
The consent order follows the recent criminal conviction of Moseley in the Southern District of New York for conspiracy, collection of unlawful debts, wire fraud, aggravated identity theft, and false disclosures under TILA. Among other things, Moseley and others charged illegally high interest rates, approaching 1,000 percent, on payday loans, took sensitive banking information of prospective customers who had not signed a contract for the loan and withdrew money from their accounts, and falsely reported that his businesses were based in other countries when they were actually operating in the Kansas City area.
Today, President Trump signed into law S. 2155, The Economic Growth, Regulatory Relief and Consumer Protection Act. In doing so, President Trump stated, “the legislation I'm signing today rolls back the crippling Dodd-Frank regulations that are crushing small banks.”
In response to the new law, community lenders across the nation rejoice. On behalf of Independent Community Bankers of America (the “ICBA”), President and CEO Rebeca Romero Rainey issued a statement that the “landmark law signed by the president today unravels many of the suffocating regulatory burdens our nation’s community banks face and puts community banks in a much better position to unleash their full economic potential to the benefit of their customers and communities.”
Some of those regulations include stringent ability-to-repay evaluations, record retention requirements, reporting to regulators, and stress-testing under the authority of the Federal Reserve to determine the ability to withstand a financial crisis. Smaller banks and credit unions reportedly found these regulations to be unduly burdensome for them, given their relative size and resources for compliance. Perhaps the best evidence of this argument is the nearly 2,000 community financial institutions that ceased operations after the Dodd–Frank Wall Street Reform and Consumer Protection Act was enacted in 2010.
Critics of the Act, however, argue that the Act goes too far in deregulation. According to some, decision to raise the “enhanced oversight” threshold from those banks with $50 billion or more in assets, to those with at least $250 billion, was too severe, and that such a large rollback in regulation could lead to the next major financial crisis in America. Indeed, the Act provides a new standard for “too big to fail” that excludes nearly two dozen banks that were previously considered to be systematically important financial institutions.
Only time will tell the impact of this new legislation, but The Economic Growth, Regulatory Relief and Consumer Protection Act is being hailed as a win for Main Street by many.BSCR previously posted about S. 2155 when it was first expected to pass in the Senate and has continued to monitor the bill’s progress. The full text of the new law may be found here.
About Financial Services Law Blog
The BSCR Financial Services Law Blog explores current events, litigation trends, regulations, and hot topics in the financial services industry. This blog will inform readers of issues affecting a wide range of financial services, including mortgage lending, auto finance, and credit card/retail transactions. Learn more about the editor, Megan Stumph, and our Financial Services practice.
The Financial Services Law Blog is made available by Baker Sterchi Cowden & Rice LLC for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. Your use of this blog site alone creates no attorney client relationship between you and the firm.
Do not include confidential information in comments or other feedback or messages related to the Financial Services Law Blog, as these are neither confidential nor secure methods of communicating with attorneys. The Financial Services Law Blog should not be used as a substitute for competent legal advice from a licensed professional attorney in your state.