Blockchain Capital Bart Stephens SIM SWAP Hack - Could Have Been Prevented?

19 Sept 2023

Bart Stephens, cofounder and managing partner of crypto fund Blockchain Capital was the victim of a SIM SWAP hack.
And, the consequences for him are as follows:

  • 6.4 million US dollars worth of Bitcoin, Ether, and other cryptocurrencies were taken from his wallet(s)
  • He has become news, about how a partner from a well-known crypto fund has been hacked.

None of those are good for him.

What Did It Happen?

Mr. Stephens states that a hacker used personal information publicly available online and also personal information available in the dark web, to successfully perform a SIM SWAP hack on him.
After the hacker was able to port Mr.Stephen's cell number from his SIM card to a SIM card that the hacker controlled, the hacker was able to use this access to reset financial account passwords and also pass two-factor authentication (2FA) tests.
With access to Mr. Stephen's crypto assets, the hacker was able to move them to a crypto wallet(s) under the hacker's control.
Fortunately, not all his assets were lost, because a substantial amount of Ethereum was stored in a custodial cold wallet and when the hacker tried to access the assets this triggered a notification that alerted Mr.Stephens.

Could the SIM SWAP Have Been Prevented?

Most probably yes. But not 100% certainly.
Mr.Stephens is a public figure and it is known that he owns considerable amounts of cryptocurrencies.
As a known crypto owner, that makes him a desirable target for organized criminals.
And as a public figure, a lot of his personal information can be found on the net.
Hackers and scammers will target those people who they know they have significant amounts of crypto assets. Time is money, even for hackers and scammers, so they look for profitable targets.
Knowing this, Mr.Stephens could have contacted his cell phone provider and instructed them to be alert and to shield his accounts against SIM SWAPS.
Such as adding a PIN or password to his user account, which is requested every time an account change is solicited.

How to Minimize the Consequences of a SIM SWAP

If the hackers have enough knowledge and resources, they can still push forward a SIM SWAP.
You may take measures, but always there is a weak link somewhere and if you are a profitable target the hackers will pour enough resources to exploit that weak link.
So, having mobile phone message notifications as Two-Factor Authentication (2FA) is a very bad approach to digital security.
But, having mobile phone message notifications as Multi-Factor Authentication (MFA) is acceptable.
The consequence of being the victim of a SIM swap could have been prevented by using MFA or a more secure type of 2FA.
Mr. Stephens could have used a more secure 2FA method, like a 2FA app or, even better, a 2FA token.
But given the extent of his crypto portfolio, the best approach would have been to use both a secure 2FA app and hardware token as MFA.
This way, even in the case of a SIM SWAP, his crypto assets could have been inaccessible to the hackers, without first having to crack the additional authentication method.

Should You Shield Yourself From SIM SWAP Attacks?

The answer is Yes.
You may not be a crypto millionaire or a public figure but you never know how much of your personal information has been available to people with bad intentions.
Your data could be on the dark web making you an easier target.
If any of your data has been leaked and has any relation with crypto, that may ring some bells, and maybe some hacker or scanner decides to give it a try.
Why take risks? Maybe it is time to have a chat with your SIM service provider or make sure that SIM message authentication is not used as 2FA for any of your personal or financial accounts.
Before we conclude this article, please think twice before commenting on Mr. Stephens's situation.
Many people fall victim to hacks and scams, not for negligence or lack of knowledge, but for lack of awareness.
Let's be comprehensive and work towards bringing digital and crypto safety awareness to as many people as possible to prevent hackers and scammers from taking advantage.
At Crypto Safety First we hope that learning from real stories brings awareness that hacks and scams do not happen to other people, or in movies. The more aware we are, the safer we will be.
Congratulations on completing this 5-minute digital safety power-up.
We hope this short article has helped increase your digital safety knowledge and awareness, and the 5 minutes read was worth the time.
If you have additional time, consider digging deeper and learning about Two-Factor Authentication (2FA) types. (Follow the link to find a handy quiz to test your 2FA knowledge).
Article originally published at:

Write & Read to Earn with BULB

Learn More

Enjoy this blog? Subscribe to CryptoSafetyFirst


SIM swap scam tricks your carrier into sending your texts and calls to a scammer including password recovery and account verification codes. If SIM swap cracks open your social media or bank accounts, it can have devastating consequences.
Great article. Sim Swaps are pretty brutal unfortunately. MFA & 2fa is pretty important as a safety guard. Physical authentication like a yubikey can also work
Sim swaps, don't fall victim to this
Cybersecurity is a critical aspect of the blockchain and cryptocurrency space, and incidents like SIM swap hacks highlight the need for constant vigilance. Protecting personal information and digital assets should be a top priority for anyone involved in this technology. It's a reminder of the ongoing efforts required to secure our digital presence in an increasingly connected world.
The SIM swap hack involving Blockchain Capital's Bart Stephens is a stark reminder of the vulnerabilities that persist in our digital world. While it's easy to point fingers and assign blame, it's essential to approach this incident as an opportunity to learn and improve our cybersecurity practices. Firstly, it's crucial to acknowledge that no security system is entirely foolproof. However, there are steps that could have been taken to reduce the risk of a SIM swap attack. It's clear that better authentication processes and multi-factor authentication (MFA) could have made it significantly more challenging for the hackers to gain access to Stephens' accounts. Utilizing hardware tokens or biometric authentication methods would have added an extra layer of security.
New ways of exploiting people keep growing
great post
2FA is life saving
Too much hack happening in the space