AT&T Sues 3 Former Workers for Alleged Mobile Phone Unlocking Scheme

The former employees allegedly used an unauthorized computer program to unlock AT&T phones so they could be used on other networks.

AT&T sues former employees

AT&T is suing three of its former employees for participating in a scheme to illegally unlock smartphones that the company sold so that their owners could use them on other carrier networks, which is a violation of AT&T's rules.

The 25-page lawsuit, filed recently in United States District Court in the Western District of Washington, names Marc Sapatin, Kyra Evans and Nguyen Lam, who formerly worked as support specialists in an AT&T office in Bothell, Wash., as defendants in the case, along with Sapatin Nguyen Enterprises Inc., Prashant Vira and Swift Unlocks Inc. Sapatin, Evans and Lam worked for the company in 2013, according to the lawsuit. Some 50 unidentified John Doe defendants also are named in the suit as co-conspirators for allegedly benefiting from the unauthorized smartphone unlocking processes.

The three former workers had access to AT&T computer systems as part of their jobs in customer service and used an AT&T application called Torch for their work, which also allows employees to unlock phones if requested by customers under certain conditions, the suit alleges.

"Based on the credentials that users must provide to log into the Torch program, all unlocking transactions can be traced to the specific AT&T employee that sent the unlock request," the suit states.

A "surge" of unlock requests was noted around Sept. 26, 2013, by AT&T's Asset Protection team, suggesting that the Torch application was being abused, the suit states. The Asset Protection team investigated the surge of requests and allegedly determined that "the employee credentials of defendants Evans and Sapatin were associated with disproportionately large instances of use of Torch's 'unlocking' function during the relevant time period." In addition, "AT&T's review of the unlock requests associated with defendants Evans and Sapatin further revealed that the unlock requests occurred within milliseconds of one another, suggesting the use of an automated or scripted process to unlock devices, rather than manual submission of unlock requests in the ordinary course of business."

The AT&T investigation alleged that Evans used malware programs to collect the confidential and proprietary information without permission, the suit states.

"As a result of Evans' conduct, thousands of unauthorized and fraudulent unlock requests were transmitted under her employee identification number," the lawsuit alleged. "Evans' access to and/or execution of the malware programs was done intentionally, knowingly, and with intent to harm and defraud AT&T and was without authorization by AT&T."

Sapatin and Lam also allegedly made an abnormal number of unlock requests in their work for the company, the suit continues.

Vira, the owner of a company called Swift Unlocks, "paid Evans at least $20,000 for her placement and/or execution of the malware programs on AT&T's protected computer systems for the purpose of securing the fraudulent unlocks," the suit continued.

The lawsuit alleges that the former employees breached their "duty of loyalty" to the company in participating in the alleged scheme against AT&T, while alleging that all of the defendants participated in computer fraud, business interference and civil conspiracy, the suit continues.

In a statement, AT&T told eWEEK that no customer information was improperly accessed during the alleged incidents.

"We're seeking damages and injunctive relief from several people who engaged in a scheme a couple of years ago to illegally unlock wireless telephones used on our network," the company said. "It's important to note that this did not involve any improper access of customer information, or any adverse effect on our customers."