AT&T sues two over scheme to steal customer data

Share this article:
AT&T has accused two Utah men of carrying out a data mining scheme, using automatic dialing programs to harvest information from its customer database and costing the company more than $6.5 million.

In a complaint filed late last week in federal court in Dallas, AT&T and its subsidiaries named Phil Iverson and Chris Gose as the masterminds behind the fraud.

AT&T claims that over at least the past five years, the defendants used computerized auto-dialing programs to place hundreds of millions of phone calls to numbers they purchased from AT&T, according to the complaint.

The calls, however, were spoofed to make it appear like the calls were coming from other AT&T customer numbers, which tricked AT&T's systems into delivering caller ID name information stored in its customer database.

“By constantly adjusting and refining their data mining techniques, defendants have been able to launch a series of cyberattacks on and gain unauthorized access to AT&T's electronic [customer] database,” the complaint stated.

It also names a group of corporations as co-defendants, including Blue Skye, CCI Communications and Feature Films for Families.

Iverson and Goose directed or caused these companies to participate in the alleged fraudulent activities, AT&T contended. The masterminds purchased telecommunication services offered by the co-defendants to use as part of the scheme.

The defendants likely used the stolen caller ID data for telemarketing purposes, AT&T said in the complaint. The information has “considerable commercial value,” since matching name and number information for wireless subscribers is often not available in public directories.

AT&T added that it lost roughly $6.5 million from processing the millions of spoofed calls and caller ID searches, as well as from deploying technologies to detect and stop the activity. 

The telecom giant is seeking actual and punitive damages and asked the court to bar the defendants from conducting additional data mining fraud.

Neither Iverson nor Goose could be reached for comment.

Share this article:

Sign up to our newsletters

More in News

Latest Citadel trick allows RDP access after malware's removal

Latest Citadel trick allows RDP access after malware's ...

Trusteer, an IBM company, said the new Citadel configuration was detected this month.

Cryptoblocker variant emerges, encryption differs from CryptoLocker

Trend Micro has detected a variant of CryptoLocker in the wild that relies on the advanced encryption standard.

Jimmy John's sandwich chain investigating possible breach

Some financial institutions have indicated that credit cards recently used at Jimmy John's locations have been used to make fraudulent purchases.