Monday, November 11, 2024
HomeCyber AttackT-Mobile Decides To Settle $350 Million For Massive 2021 Data Breach

T-Mobile Decides To Settle $350 Million For Massive 2021 Data Breach

Published on

Malware protection

A class-action lawsuit brought by a group of customers against T-Mobile relating to the 2021 hack has been settled for $500 million. Approximately 76.6 million US residents’ personal information has been exposed due to this data breach.

T-Mobile is claiming that as part of the proposed agreement, it will contribute $350 million to a settlement fund that will be used for:-

  • Lawyers
  • Fees
  • People who file claims

Moreover, the company will have to spend $150 million over the next two years (2022 and 2023) to deal with data security and related technologies.

- Advertisement - SIEM as a Service

Data Breach

Over 100 million records of the company’s customers were being sold on the black market after their systems were breached. The types of data that were compromised are listed below:-

  • Social Security numbers
  • Names
  • Addresses
  • Driver’s license information

There is still a need for a judge to approve the proposed settlement agreement before it becomes effective. 

T-Mobile, however, will have 10 days to put money into the fund if it is approved, so that it can notify the people who are eligible for the fund to pay for the costs.

There are no estimates contained in the settlement agreement as to how much each claimant will likely receive based on the settlement agreement. 

The problem is that it is incomprehensible to estimate such a thing until an exact number of people is known who will file claims for compensation.

Lawsuit

It is alleged that T-Mobile will be forced to settle a class-action lawsuit that accuses it of:-

  • Failing to protect customers’ data
  • Not properly notifying people impacted
  • Inadequate data security

During the settlement negotiations, T-Mobile denied many of these allegations and argued that the agreement was not an admission of guilt. 

Under the terms of a proposed agreement submitted to the Securities and Exchange Commission, T-Mobile states that under certain conditions outlined in the proposed agreement, it is capable of terminating the agreement at any time. 

Despite this, they acknowledge that they will have to compensate the impacted customers. The data breach that occurred at T-Mobile was not the only response to the data breach, as there have been other responses as well. 

Moreover, T-Mobile has also been accused of selling users’ information to marketers according to another report that appeared recently.

While it has been reported that T-Mobile has just launched a new program known as App Insights. In just over a year, it has gone from being a beta program to being fully operational.

A revised version of the FCC’s (Federal Communications Commission) rules on such attacks was proposed earlier this year. As a result of these new rules, companies and the people they serve will be able to communicate better with each other.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates.

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

Sweet Security Announces Availability of its Cloud Native Detection & Response Platform on the AWS Marketplace

Customers can now easily integrate Sweet’s runtime detection and response platform into their AWS...

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

New Android Malware SpyAgent Taking Screenshots Of User’s Devices

SpyAgent, a newly discovered Android malware, leverages OCR technology to extract cryptocurrency recovery phrases...

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Researchers Detailed Credential Abuse Cycle

Cybercriminals exploit leaked credentials, obtained through various means, to compromise systems and data, enabling...

Threat Actors Allegedly Claim Leak of 489 Million Lines of Instagram Data

A threat actor has allegedly scraped 489 million lines of Instagram user data, including...

Threat Actors Allegedly Claim Leak of Harley-Davidson Database

Threat actors known as "888" have allegedly leaked the database of Appleton Harley-Davidson, a...