According to an AT&T filing with U.S. District Court for the Western District of Washington dated Sept. 11, four people and an unknown software developer participated in the scheme.
In September 2013, AT&T discovered a surge in the number of unlock requests alerted the company to the possible abuse of "Torch," the software used to unlock cellphones. Later on, the company discovered that the logins and passwords of two employees at a center in Washington were responsible for a large number of the requests and those requests happened within milliseconds of each other.
On the computers of three former AT&T employees, investigators found unauthorized software intended to route unlocking requests from an external source through AT&T's computer system. AT&T says its investigators uncovered numerous iterations of the software, which grew in complexity until it was eventually able to submit the automatic requests.
AT&T says a company called Swift Unlocks and its proprietor, Prashant Vira, were involved in the scheme and paid its former employees to install the software.
AT&T says "hundreds of thousands" of phones were unlocked as a result of the scheme.