AT&T sues former employees for allegedly unlocking "hundreds of thousands" contract-bound phonesBy Rob Thubron
AT&T is suing three of its former employees that it accuses of helping to unlock hundreds of thousands of cell phones so the devices could work with any other wireless carrier. Marc Sapatin, Nguyen Lam, and Kyra Evans all worked at an AT&T call center in Washington in 2013, where it's claimed they "perpetuated the Unlock Scheme by creating, distributing, and placing on AT&T's computer systems a 'malware' program designed to fraudulently, and without authorization, transmit unlock requests that unlocked hundreds of thousands of phones from exclusive use on AT&T's network," according to the complaint filed in Seattle's US district court.
AT&T claim that the accused trio collaborated with Anaheim-based company Swift Unlocks in the scheme. The SwiftUnlocks website offers a service that unlocks a variety of phones for a fee. It's alleged that the company owner and operator, Prashant Vira, paid Evans at least $20,000 "for her placement and/or execution of the malware programs on AT&T's protected computer systems for the purpose of securing the fraudulent unlock." AT&T further alleged that Swift Unlocks paid Sapatin - who also attempted to involve other AT&T employees in the fraud - at least $10,500. No payments to Lam were alleged.
The malware allowed commands to be issued from a remote, unauthorized server and used "valid customer service personnel identification numbers" to process automated unlock requests without proper authorization, AT&T wrote. The company added that it believed 50 "John Doe Defendants" helped develop the software.
AT&T is seeking financial damages and injunctions preventing the defendants from continuing the alleged activity. The company gave the following statement to ars technica: "We're seeking damages and injunctive relief from several people who engaged in a scheme a couple of years ago to illegally unlock wireless telephones used on our network. It's important to note that this did not involve any improper access of customer information, or any adverse effect on our customers."