T-Mobile Data Breach Lawsuit 2023

Another group of lawyers filed a class action lawsuit against T-Mobile for the data breach. Under the settlement, T-Mobile has agreed to pay an amount equal to about $4.60 per person affected by the data breach. California residents may receive $100 (though the actual amount will likely be significantly less), unless they can provide documentation showing other losses. We think we can achieve a better result than what is provided in the class action.

More information on the settlement can be found here.

T-Mobile sent direct notice either through text or email to current (and some former) customers who were affected by the data breach. If you received direct notice from T-Mobile, letting you know that you were affected, contact our law firm for a free, confidential evaluation of your claims.

Unfortunately, T-Mobile did not provide direct notice to all former customers who were affected and instead elected to use substitute notice by posting a webpage with the message “assume you are affected.” If you are a former T-Mobile customer who did not receive notice, our law firm may be able to conduct an independent investigation for you to confirm if you were affected. Contact us now for a confidential evaluation of your potential claims.

We have 1,000’s of individual clients like who are affected by the data breach. We will be filing individual arbitrations on behalf of each of our clients. That means that we represent each individual in their own proceeding, and we can seek to resolve their claim individually. In contrast, most people will get less than $100 from the class action settlement.

News of a massive data breach began to make waves on Sunday, August 15, when Vice.com reported that hackers posted on an underground forum claiming to have data of millions of individuals for sale. Motherboard later confirmed that the information came from T-Mobile servers. The following day, T-Mobile officially announced that it suffered a cyberattack.

Reliable reporting indicates that the T-Mobile breach affects 7.8 million current customers, 40 million former customers, and 850,000 active prepaid customers. For the 7.8 million current customers, the hackers also obtained phone numbers, IMEI, and IMSI information, which puts those individuals at serious risk of SIM swapping fraud. SIM swapping fraud is when someone can convince a phone carrier that they are someone else and have that person’s phone number switched to their control. This means that hackers can obtain more sensitive data, in addition to obtaining the tool that many use for two-factor authentication.

Other information compromised in the attack includes:

• names
• date of birth
• phone numbers
• Social Security numbers
• driver’s license/ID numbers

The disclosure of this sensitive information puts T-Mobile customers at substantial risk of identity theft and devastating financial fraud.

Data breach victims may have various claims depending on their states. Certain states give citizens up to $1000 for helping to enforce their data breach laws. There is currently no federal law that provides claims in the case of a data breach. Contact our consumer protection attorneys to see if you may be eligible for a claim under your state’s laws.

Under the California Consumer Privacy Act (CCPA), a consumer may bring a civil claim for damages if they were victims of a data breach. Under the act, consumers may recover statutory damages between $100-$750 or actual damages, whichever is greater, to compensate for any fraud, time spent, or any credit monitoring product consumers purchased in response to the breach. The act also allows consumers to seek injunctive or declaratory relief as well, which could mean that a company would need to take steps to prevent more data breaches and future harm to consumers.

Our law firm may be able to help you obtain additional compensation through a legal claim, as well as force T-Mobile to improve its’ data protection practices. If we don’t recover money for you, you won’t owe us anything.

T-Mobile is offering two free years of credit monitoring on its data breach website, but the credit monitoring offered as part of a data breach is not always as good as what you can get on the commercial market. The FTC recommends the consumers enroll in a credit monitoring service available on the commercial market in addition to placing a credit freeze and fraud alerts on their credit report. Additionally, anyone who has or believes they have suffered identity theft should also visit IdentityTheft.gov to report it.

To prevent SIM swapping fraud, T-Mobile also recommends that current customers activate the Account Takeover Protection service in addition to changing your account PIN and password. For former customers, other carriers also have similar account takeover protection services available. Former customers should also change their PIN if they used the same or similar PIN as their T-Mobile account.

This is not the first time T-Mobile has failed to protect its customer’s data. T-Mobile has reportedly suffered five recent data breaches. Most recently, in December 2020, which affected 200,00 customers and disclosed phone numbers among other information. Another, in March 2020, which exposed T-Mobile customer’s financial information, Social Security number, and other account information. And again, in 2019 and 2018 where roughly 2 million customers had personal information compromised.