IP: Ma Bell (well ATT) from Telecom

[David Farber <farber () cis upenn edu>]

Subject: AT&T Can't Collect for Hacker's Calls
Date: Sun, 22 Jun 1997 00:55:41 PDT
From: tad () ssc com (Tad Cook)




Judge Rules Philadelphia Law Firm Not Liable for Payment of Hackers'
Calls


BY JIM SMITH, PHILADELPHIA DAILY NEWS
Knight-Ridder/Tribune Business News


Jun. 20--For a change, David beat Goliath.


AT&T Corp. had sued in federal court to collect nearly $17,000 from a
small Philadelphia law firm -- even though the firm had been
victimized by "hackers."


The bill was for long-distance toll calls made overseas, mostly to the
Dominican Republic, over a nine-day period in August 1994.


AT&T demanded payment, knowing that "hackers" had illegally accessed
the firm's leased telephone system to make the overseas calls, and
despite the firm's prompt notice that a scam was in progress.


"It is the policy of AT&T to hold customers responsible for all such
calls because it is the customer, not AT&T, who controls the security
of ... the customer's telephone system," an AT&T employee told the
firm's founder, James C. Schwartzman.


Three arbitrators, attorneys Joseph Lombardo, Doris Dabrowski and
Pamela Esposito, heard several hours of testimony from Schwartzman and
other witnesses yesterday and then ruled in Schwartzman's favor.


"I'm still outraged by this," said Schwartzman, a former federal
prosecutor who has a three-lawyer firm that does both criminal and
civil litigation.


Schwartzman said he intended to research other AT&T collection cases
involving long-distance-toll fraud, with an eye towards filing a
class-action suit against AT&T on behalf of others who have been
billed for calls made by hackers.


Richard Blasi, an AT&T spokesman, had no comment on the arbitrators'
ruling, but insisted AT&T tries "to work with" customers caught up in
such a scam.


But testimony indicated that all AT&T will do is offer to settle a
disputed bill in exchange for what it costs AT&T to prosecute a debt-
collection case.


"They certainly never made any proposal that was a substantial discount
from the full amount," noted Schwartzman's partner, Gary Tilles.


Schwartzman isn't an AT&T customer, since his long-distance service --
then and now -- is provided by MCI, and his phone system is leased
from his landlord, Rawle & Henderson, another law firm.


Back in 1994, the day the hacker began using his lines, Schwartzman
reported it to MCI. At his request, MCI immediately blocked any
overseas calls originating from Schwartzman's phone. The hacker then
made long distance calls by accessing AT&T's system.


MCI later apologized and withdrew its bill for more than $3,000 in
unauthorized calls.


AT&T also was notified by Schwartzman the first day of the hacker's
calls, but said it had no capability then to put a block on overseas
service.


AT&T may appeal the arbitrators' award to U.S. District Court, but its
attorney, Frank Nofer, couldn't be reached for comment.




******Remember  19 June in San Fran******


Look at http://www.eff.org/fillmore