Seattle based investor Gregg Bennett’s Bittrex account got hacked in a SIM swap incident. As the hackers seized control of the victim’s cell phone, Bitcoin worth $1 million disappeared from his account. Now, Bennett has filed a million-dollar lawsuit against Bittrex in King County Superior Court, Washington state.
According to the lawsuit, the hack, which resulted in the loss of 100 Bitcoin, occurred on 15th April. Bennett attempted to raise the alarm. But Bittrex ignored his warning for 24 hours, allowing hackers to drain his account. Bennett fears the exchange deliberately ignored his attempts to contact it. And blames the exchange of being unaware of standard industry practices to prevent such hacks.
The SIM swap hack happened via the cellular services of AT&T. And within two hours it drained Bennett’s account into an anonymous one.
Why does he hold Bittrex responsible?
Bennett states Bittrex is misrepresenting its level of security. Thus it is exposing the exchange users to unfair and deceptive security standards.
According to the suit Bittrex failed to notice multiple highly suspicious activities on Bennett’s account. An attack was evident because it involved a suspicious IP address and a different computer operating system. Furthermore, the exchange’s security standards failed to hold the account for 24-hours for transfer. And this ought to have happened because both password and 2-FA had been changed by the hacker.
It was more than a security fail
Bennett’s agitation seems justified for all the right reasons. As per his statement, it took a massive effort to convince the exchange that his account stood hacked. He had to approach Bill Shihara, CEO of Bittrex to report the hack.
Currently, Bittrex’s Customer care receives all the complaints via email, even the urgent ones. And it seems the system response is quite slow. Whether it is a security loophole or negligence, Bennet stands determined to make Bittrex payback.
Previously, we covered the BitMEX update email goof up. And how Golix CEO is in soup for having misplaced his cold wallet password.