If you work at an AT&T store, but moonlight on the side by helping other resellers fraudulently unlock AT&T phones (through AT&T’s own systems), then odds are good at AT&T isn’t going to be very thrilled with you. In fact, they will probably sue you.
Such is the situation that three former AT&T retail employees—Marc Sapatin, Nguyen Lam, and Kyra Evans—find themselves in. The trio worked at an AT&T call center in Washington back in 2013. According to AT&T’s complaint, which it filed last week in Seattle’s U.S. District court, the three “perpetuated the Unlock Scheme by creating, distributing, and placing on AT&T’s computer systems a ‘malware’ program designed to fraudulently, and without authorization, transmit unlock requests that unlocked hundreds of thousands of phones from exclusive use on AT&T’s network.”
Of course, they didn’t do this for free. According to a report from Ars Technica, AT&T alleges that a fourth party to the entire affair—Prashant Vira, who owns and operates a company called Swift Unlocks—paid Evans at least $20,000 “for her placement and/or execution of the malware programs on AT&T’s protected computer systems for the purpose of securing the fraudulent unlock.” Sapatin allegedly received somewhere around $10,000, and it’s unclear just what Lam’s arrangement might have been.
“Sapatin also attempted to recruit other AT&T employees to participate in the Unlock Scheme. Sapatin told at least one other AT&T employee he was trying to recruit that he knew an individual that had paid to develop software designed to unlock phones. Sapatin told the AT&T employee that she only had to click on a link provided by someone else involved in the Unlock Scheme to download the software, and the program would run invisibly on his computer. Sapatin promised the employee that she would make $2,000 every two weeks through her participation in the Unlock Scheme,” reads AT&T’s complaint.
The malware allegedly sent a bunch of proprietary and internal AT&T information to the the aforementioned defendants and up to 50 other “John Doe defendants” AT&T names in its complaint, which they would then use to tweak said malware, pass off to Evans, and have her reinstall on AT&T’s systems. However, the company noted in a separate statement to Ars Technica that no customer information ever leaked out.
AT&T’s complaint asks for both financial damages, which will be determined later, as well as injunctions to prevent the defendants from continuing on with what they’re alleged to have done.