Lawyers working for a customer of T‑Mobile US have revealed how they defeated the telco in a 12-day trial over who was to blame for a multimillion-dollar theft from their client’s cryptocurrency holdings. The USD33mn payout is believed to be the largest publicly known award in a case involving SIM swap fraud. Per a press release from Los Angeles law firm Greenberg Glusker:
Undeterred by T‑Mobile’s standard litany of denials, the skillful lawyering on behalf of the individual cell phone customer humbled the telecom giant for its numerous security failures that enabled a SIM swap attack leading to the theft of cryptocurrency. The ruling sends a clear message: phone carriers must do more to protect consumers.
Greenberg Glusker fought the case on behalf a single victim, named as Joseph ‘Josh’ Jones in the arbitration documents they filed. Fraudsters executed a SIM swap on Jones’ phone service on February 21, 2020, despite ‘heightened security’ being applied to his account. The additional security controls included an eight-digit PIN number that was supposedly needed to authorize any changes to the account. Having taken control of Jones’ phone, the thieves then raided his cryptocurrency account and withdrew 1,500 Bitcoin and almost 60,000 Bitcoin Cash, a spin-off from Bitcoin. The lawyers estimated the market value of these holdings were USD38mn at the time of the theft, and had a peak valuation of USD165mn due to subsequent rises in the value of these cryptocurrencies. They ultimately secured USD26.6mn in damages from T‑Mobile but it is not cheap to fight a mobile operator.
The final award of $33 million, which T‑Mobile promptly paid, incorporated two prior rulings in the arbitration, an 89-page Interim Award on liability and damages and a 38-page ruling granting over $6.5 million in attorneys’ fees, costs, and interest.
The arbitration victory was secured in 2023 but only recently became news. It would have remained secret were it not for a second legal victory.
The firm filed a petition with the Los Angeles Superior Court to confirm the award, marking the first time this historic award, and the underlying legal battle, have been made public.
James Molen, one of the Greenberg Glusker lawyers who won this award, was critical of how the mobile operator has sought to withhold information from the public.
T‑Mobile is trying to hide the truth. They fought accountability at every turn, from blaming the victim to obstructing evidence production. The public has a right to know how their phone provider is putting them at risk, and we are confident the court will ensure transparency.
Pierce O’Donnell, the lead counsel who cross-examined senior T‑Mobile witnesses, drew attention to another long-running legal battle where AT&T is being sued over a SIM swap that resulted in the theft of cryptocurrency worth USD24mn.
As the arbitration unfolded, T‑Mobile’s defenses crumbled under the weight of the evidence. The arbitrator’s ruling is insightful and mirrors a recent Ninth Circuit decision — Terpin v. AT&T Mobility LLC — also won by Greenberg Glusker attorneys affirming telecom liability under federal law. This victory over T‑Mobile establishes a clear path for recovery by others who have been similarly harmed. The public should be allowed to see it.
There is an obvious motivation for lawyers to publicize their victory and hence advertise their services to other victims of SIM swap fraud. That does not alter the fact that the telecoms industry has been lackadaisical about the risks taken when allowing SMS messages to be used for two-factor authentication of online accounts worth many millions of dollars. The profits generated by A2P SMS look a lot less healthy if a telco becomes liable for crimes committed because they did not stop staff and systems from being subverted by criminals.
It was around the time of this particular trial that I warned telcos need to use enhanced security and risk mitigation when providing phone services to wealthy customers with large online holdings. The risks with SIM swap fraud have often been mischaracterized as a threat for all phone users but the lack of focus encourages a poor understanding of where risk really lies and how it should be mitigated. Criminals are not swapping the SIMs of phone users at random, as claimed by publicity-seeking buffoons of the type that mainstream media loves. It takes effort to seize control of somebody’s accounts. No crook wants to go to that trouble to discover they have accessed a wallet that has nothing in it. In this case, the victim alleged that T‑Mobile changed control of his phone account without demanding the eight-digit PIN associated with it. I struggle to understand how systems and processes could be so flawed as to permit this kind of safeguard to be bypassed.
SIM swappers research potential targets in advance. They pose as cryptocurrency investors themselves, seeking access to the events attended by the big fish they seek to land. They follow the news about who has large cryptocurrency investments. Some people make themselves a target by drawing attention to their wealth. It is hence a profound mistake for telcos to calculate they cannot afford to enhance the security surrounding accounts because all their customers are essentially the same. Many telcos understand that VIPs need to be treated differently to other customers; the same principles extend to the security of wealthy customers too. Nobody buys a safe and then leaves its door open. The amounts that need to be spent on maintaining robust protocols for identifying high-risk customers and accessing their accounts are small compared to the costs of fighting and losing cases involving the affluent victims of SIM swap fraud.
The press release from Greenberg Glusker can be found here.



