Proposed $350 million judgment in the T-Mobile breach lawsuits


In Addition to Making Arrangements With Victims, Telecom Company Would Invest More in Security

After a 2021 data breach that impacted around 77 million individuals, a consolidated class action lawsuit was filed against the American telecom company T-Mobile. The proposed $350 million settlement covers the breach victims and associated legal expenses.

According to the settlement detailed in an SEC filing, T-Mobile is expected to invest an extra $150 million to strengthen its data security and associated technologies in 2022 and 2023.

Conditions of Settlement

The proposed deal, which was submitted to a Missouri federal court on Friday, would resolve a class action lawsuit that aggregated more than 40 cases brought after the U.S. telecom provider disclosed the data breach in August 2021.

According to the application, the settlement still requires court approval, which is “anticipated as early as December 2022 but might be delayed by appeals or other actions.”

The telecommunications company asserts that it disputes every allegation contained in the complaints lodged against it, particularly those that highlight T-Mobile’s failure to protect customer data, and that the settlement does not constitute an admission of “liability, wrongdoing, or responsibility.”

According to court documents, “T-Mobile denies all material allegations of the Amended Complaint, and in particular denies that it failed to adequately protect personal information in accordance with its duties, had insufficient data security, was unfairly enriched by the use of personal data of the impacted individuals, violated state consumer statutes and other laws, and improperly or inadequately notified potentially impacted individuals.”

Some class members may receive $25 cash payouts, or $100 in California, and some may receive up to $25,000 to make up for losses, according to a Reuters report. They would also benefit from two years of identity theft insurance.

According to the SEC filing, “the Company anticipates to incur a total pre-tax charge of approximately $400 million in connection with the proposed class action settlement and the individual settlements” in the second quarter of 2022. This charge and the additional $150 million in spending were anticipated in the company’s earlier financial forecast.

August 2021 Breach

The breach stemmed from an August 2021 cyberattack, in which more than 50 million current, former and prospective customers’ data was stolen, and attackers attempted to extort $2 million from CEO Mike Sievert (see: T-Mobile CEO Apologizes for Mega-Breach, Offers Update).

Overall, more than 100 million T-Mobile data records were found for sale online after the August 2021 breach – with sensitive records including Social Security numbers, driver’s license numbers, names, addresses, birthdates, and security PINs.

The massive data breach allegedly was carried out by John Binns, a 21-year-old American who discovered an insecure router belonging to T-Mobile. After detecting the router, Binns was able to find a point of entry into a Wisconsin data center, where he began exfiltrating data. Binns told The Wall Street Journal at the time that T-Mobile’s security practices were “awful” and bragged about the attack, which he claimed he did more for recognition than monetary gain.

Repeated Attacks

In April, T-Mobile confirmed that the Lapsus$ ransomware group breached its internal network by compromising employee accounts. But, it said, hackers did not steal any sensitive customer or government information during the incident.

Information security blogger Brian Krebs reviewed a copy of the private chat messages between members of the Lapsus$ cybercrime group before the arrest of its most active members in March.

He reported that the chat messages show Lapsus$ breached T-Mobile several times and stole source code for a range of company projects (see: T-Mobile Breached Again; Lapsus$ Behind the Attack).

The Washington-based telecommunications giant fell victim to another data breach early this year that was linked to a SIM swapping attack that it said affected “a very small number” of its 105 million customers (see: T-Mobile: Some Customers Affected by SIM Swap Data Breach).

In December 2020, T-Mobile notified customers that its cybersecurity team had detected “malicious, unauthorized access” to around 200,000 customers’ accounts (see: T-Mobile Alerts Customers to New Breach).

Data from more than 1 million customers was leaked after a malicious hacker gained unauthorized access to prepaid wireless accounts in November 2019. In this instance, T-Mobile advised customers to reset their PINs (see: T-Mobile Says Prepaid Accounts Breached).

The first in this series of breaches affecting T-Mobile customers took place in August 2018, when a threat actor stole customer names, ZIP codes and other information on prepaid and postpaid accounts. Some 2.3 million customers were victimized (see: T-Mobile Database Breach Exposes 2 Million Customers’ Data).

