Wednesday, May 28, 2025
HomeCyber AttackT-Mobile Decides To Settle $350 Million For Massive 2021 Data Breach

T-Mobile Decides To Settle $350 Million For Massive 2021 Data Breach

Published on

SIEM as a Service

Follow Us on Google News

A class-action lawsuit brought by a group of customers against T-Mobile relating to the 2021 hack has been settled for $500 million. Approximately 76.6 million US residents’ personal information has been exposed due to this data breach.

T-Mobile is claiming that as part of the proposed agreement, it will contribute $350 million to a settlement fund that will be used for:-

  • Lawyers
  • Fees
  • People who file claims

Moreover, the company will have to spend $150 million over the next two years (2022 and 2023) to deal with data security and related technologies.

- Advertisement - Google News

Data Breach

Over 100 million records of the company’s customers were being sold on the black market after their systems were breached. The types of data that were compromised are listed below:-

  • Social Security numbers
  • Names
  • Addresses
  • Driver’s license information

There is still a need for a judge to approve the proposed settlement agreement before it becomes effective. 

T-Mobile, however, will have 10 days to put money into the fund if it is approved, so that it can notify the people who are eligible for the fund to pay for the costs.

There are no estimates contained in the settlement agreement as to how much each claimant will likely receive based on the settlement agreement. 

The problem is that it is incomprehensible to estimate such a thing until an exact number of people is known who will file claims for compensation.

Lawsuit

It is alleged that T-Mobile will be forced to settle a class-action lawsuit that accuses it of:-

  • Failing to protect customers’ data
  • Not properly notifying people impacted
  • Inadequate data security

During the settlement negotiations, T-Mobile denied many of these allegations and argued that the agreement was not an admission of guilt. 

Under the terms of a proposed agreement submitted to the Securities and Exchange Commission, T-Mobile states that under certain conditions outlined in the proposed agreement, it is capable of terminating the agreement at any time. 

Despite this, they acknowledge that they will have to compensate the impacted customers. The data breach that occurred at T-Mobile was not the only response to the data breach, as there have been other responses as well. 

Moreover, T-Mobile has also been accused of selling users’ information to marketers according to another report that appeared recently.

While it has been reported that T-Mobile has just launched a new program known as App Insights. In just over a year, it has gone from being a beta program to being fully operational.

A revised version of the FCC’s (Federal Communications Commission) rules on such attacks was proposed earlier this year. As a result of these new rules, companies and the people they serve will be able to communicate better with each other.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

MATLAB, Serving Over 5 Million Users, Hit by Ransomware Attack

MathWorks, the renowned developer of MATLAB and Simulink, has been grappling with the aftermath...

CISA Publishes ICS Advisories Highlighting New Vulnerabilities and Exploits

On May 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) released a new...

Chrome Security Patch Addresses High-Severity Vulnerabilities Enabling Code Execution

The Chrome team at Google has officially released Chrome 137 to the stable channel...

Zero-Interaction libvpx Flaw in Firefox Allows Attackers to Run Arbitrary Code

Mozilla has released Firefox 139, addressing several critical and moderate security vulnerabilities that posed...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

WordPress TI WooCommerce Wishlist Plugin Flaw Puts Over 100,000 Websites at Risk of Cyberattack

A severe security flaw has been identified in the TI WooCommerce Wishlist plugin, a...

Hackers Use Fake OneNote Login to Capture Office365 and Outlook Credentials

A recent investigation by security analysts has uncovered a persistent phishing campaign targeting Italian...

Iranian Cybergroup Toufan Targets Organizations to Steal Login Credentials

A pro-Palestinian cybergroup called Cyber Toufan, which means "cyber storm," has become a serious...