A California judge has thrown out a $200 million damages claim against mobile operator AT&T from crypto investor Michael Terpin over a SIM-swap hack, but has allowed the rest of the case to proceed.
- Judge Otis Wright II of California's central district court granted AT&T's motion, originally filed in April, to dismiss claims of concealment and misrepresentation, as well as requests for punitive damages.
- Terpin has said the hack robbed him of cryptocurrency holdings worth around $24 million at the time and argued the telco giant is in part responsible.
- In a filing Tuesday, AT&T's lawyers said Terpin's claim of deceit by concealment falls down as the mobile operator's privacy policy doesn't guarantee total protection from third-party breaches, so no attempt was therefore made to conceal or only partially represent the security protocol's limits.
- Terpin alleges an AT&T employee only assured him two-factor authentication (2FA) would keep his information private so the company could keep him as a customer, and that the firm had no actual intention of ensuring his information was secured.
- But, agreeing with the defendant's argument that "overly optimistic" promises are markedly different from false promises, the judge ruled that Terpin didn't show how AT&T intentionally misrepresented him over the protection offered by 2FA.
- The court also threw out allegations that AT&T employees knew about, but disregarded, the security inadequacies associated with the 2FA protocol.
- As Terpin's $200 million damages suit rested on the allegations AT&T committed fraud and that employees displayed negligent conduct, the judge has dismissed the existing claim.
- He did, though, give Terpin leave to file for punitive damages on separate claims.
- Terpin first sued AT&T in August 2018, claiming the company failed to adequately protect his cellphone from possible hack as it had allegedly promised.
- The court previously denied AT&T's motion to dismiss the entire case, ruling Terpin had showed how hackers may have used his phone's 2FA to access his crypto wallets, something he had relied on his phone provider to help protect.
- The case continues on the remaining allegations that AT&T breached its contract and that employees made an unauthorized disclosure of private information to hackers.
- Terpin is still suing AT&T for $23.8 million in compensation, the dollar-value of the cryptocurrencies stolen in 2018.
See also: Veritaseum Accuses T-Mobile of Gross Negligence Over $8.6M SIM-Swap Hack
Read the dismissal order below: