T-Mobile to pay $350 million over 2021 data breach

T-Mobile has agreed to pay $350 million and invest another $150 million in data security improvements to settle litigation over the 2021 data breach that impacted over 76 million T-Mobile customers.

According to Reuters, the preliminary settlement was filed with the federal court in Kansas City, Missouri and is subject to a judge’s approval potentially by the end of this year.

T-Mobile disclosed the data breach in August 2021 and said at the time more than 47 million current, former or prospective customers were affected. However, the number soon grew over 50 million and eventually surpassed 76 million T-Mobile customers after it was discovered an additional 26 million people’s personal data was accessed via unauthorized means.

T-Mobile confirmed affected record types stolen in the breach included: names, home addresses, birth dates, driver’s licenses, and Social Security numbers.

A 21-year old American, John Binns, who moved to Turkey a few years earlier, admitted to the hacking. Binns explained to the Wall Street Journal that he exploited an unprotected router exposed on the internet to penetrate T-Mobile’s defenses and steal the data.

Related Articles