It sounds like he had to install malware in the call center / AT&T remote location so he could get the unlock codes remotely. "Malware" is probably not the correct term.
Once the phone is ported to another network, the original provider is basically SOL, contract or no.
Once the phone is ported to another network, the original provider is basically SOL, contract or no.