AT&T Sues Ex-Employees That Secretly Unlocked 'Hundreds of Thousands' of Phones

Telecom giant AT&T has accused three former employees of fraudulently installing malware on the company's computers and using it to illegally unlock "hundreds of thousands" of cell phones.

The company filed a lawsuit last week against the former employees, the cell phone unlocking site SwiftUnlocks, and a group of unnamed developers.

The three former employees allegedly used malware developed by a group of unidentified developers to file hundreds of thousands of automated requests to unlock AT&T's customers' phones, according to the filing, which was first reported by GeekWire on Friday.

The three defendants, Marc Sapatin, Nguyen Lam, and Kyra Evans, no longer work for AT&T. (Sapatin and Evans did not respond to a request for comment sent via LinkedIn, while we were not able to find contact information to reach out to Lam.)

"We're seeking damages and injunctive relief from several people who engaged in a scheme a couple of years ago to illegally unlock wireless telephones used on our network," AT&T spokesperson Seth Bloom told Motherboard, adding that "it's important to note that this did not involve any improper access of customer information, or any adverse effect on our customers."

AT&T explained in its complaint that the three former employees used to work as customer support specialists at the company's call center in Bothell, Washington. In Sept. 2013, the company became aware of a "surge" in requests to unlock phones. (AT&T sells locked phones, so that customers can not switch to other carriers. In certain cases, however, customers can ask AT&T to unlock their phones).

At the time, AT&T noticed that the requests were associated with the three former employees' credentials, and given that the "unlock requests occurred within milliseconds of one another," the company suspected the use of automated script. As it turned out, the employees had installed malware on the company's systems, exploiting the customer service app "Torch," according to the filing.

The three former employees allegedly worked with Swift Unlocks, getting paid to unlock the phones. Swift Unlocks also allegedly provided the malware to the three. A group of unnamed defendants developed the malware, according to AT&T.

The company is accusing all the defendants of hacking crimes, "breach of loyalty," interfering with AT&T's customer contracts, and "unjust enrichment. The company is asking for damages and requesting a jury trial.