Missouri residents Joseph Harris, 21, and Fletcher Robert Childers, 23, have been arrested because of their alleged involvement in hacking and stealing large amounts of digital currency from a California-based crypto firm.

Both Harris and Childers were taken into police custody on Monday as authorities allege the pair stole $14 million in cryptocurrency from San Jose, California-based startup Crowd Machine.

Court documents and search warrants filed in Oklahoma City on September 24 noted that Crowd Machine had informed a California-based cybercrime task force, on September 22nd, about the security breach and theft of millions of dollars in cryptocurrency from their platform’s wallets.

SIM Swapping Hack

The pair have been accused of using a SIM swapping technique in order to steal people’s cell phone numbers and their identity. In response to the hack, Crowd Machine published a blog post on its official website in which it confirmed its cryptocurrency wallets had been compromised.

The crypto firm alerted users its Crowd Machine Compute Tokens (CMCTs) had been stolen and that the most of the digital asset exchanges had suspended, or halted, all trades involving CMCT. Crowd Machine’s notice also recommended that people wait until the ongoing police investigation has been completed before buying their company’s token.

Approximately 500 million CMCTs had been issued by the blockchain startup and an additional 1.5 billion tokens were being held in its reserves. However, the large-scale security breach reportedly led to 1 billion of its native tokens being stolen and moved to various exchanges.

Commenting on the hack, Crowd Machine founder and CEO, Craig Sproule said: 

The criminal investigation is ongoing so we’re not in a position to comment other than to confirm that two arrests have been made. We’ve been working closely with law enforcement agencies to help with the ongoing investigation.

Craig Sproule

“Actively Laundering” Stolen Cryptocurrency

The suspects, who were arrested at a hotel room in Oklahoma City, had been sending threatening emails to the victims of the hack and are believed to have “actively laundered” the stolen digital currency through several different crypto exchanges, “some of which are not located in the United States.”

As covered on CryptoGlobe, employees of US-based phone carrier AT&T had been accused by a cryptocurrency investor of being complicit, or involved, in the theft of $24 million in digital currency from his wallet. The hacker(s) had allegedly used a SIM swapping technique to steal the victim’s phone number and other private information in order to gain access to his funds.

Last month, CryptoGlobe also reported that an alleged 19-year-old SIM swapper named Xzavyer Narvaez had gained access to phone numbers and passwords belonging to several crypto investors. Narvaez then reportedly used the stolen funds to purchase luxury vehicles.