In this news:
This Feb. 24, 2021 photo shows a T-Mobile store at a shopping mall in Pittsburgh. T-Mobile said ... More Wednesday, Aug. 18, that customers’ first and last names, date of birth, Social Security numbers, and driver’s license/ID information were exposed. (AP Photo/Keith Srakocic)
Copyright 2021 The Associated Press. All rights reserved
In August of 2021 hackers offered for sale on the Dark Web data of what they said was 100 million customers of phone carrier T-Mobile. This was the first indication that T-Mobile had been hacked. Soon hereafter T- Mobile confirmed the data breach but said that the number of people affected was approximately 76 million people. The information being sold included names, phone numbers, Social Security numbers and addresses. Also being sold were the PINS used by some T-Mobile customers to protect their accounts from identity theft. This type of information poses a tremendous threat of identity theft to victims of the data breach, which was the sixth for T-Mobile in the last four years.
Social Security numbers can be used by identity thieves to apply for credit cards and loans in your name. In addition, the phone numbers and the fact that the victims of the data breach were known to be T-Mobile customers enabled the hackers to create phony phishing text messages posing as T-Mobile to lure the targeted victims into clicking on links in the text messages that would download destructive malware.
As a result of T-Mobile’s history of inadequate cybersecurity, the FCC brought legal action against T-Mobile which it settled in 2024. According to the terms of the settlement, T-Mobile agreed to pay a $15.75 million civil penalty as well as allocate an additional $15.75 million into strengthening its cybersecurity program. As is typical in settlements such as this, T-Mobile did not admit it did anything wrong and promised not to do it again.
In addition to the FCC lawsuit, a class action on behalf of victims of the data breach was filed and eventually settled in 2022 for $350 million. Customers could claim reimbursement for out-of-pocket losses and lost time due to dealing with the effects of the data breach. Other victims could make a claim for a cash payment of $25 or $100 if they were a California resident. Now, three years later checks are going out this month to victims of the data breach. Any funds left over from the $350 million dollars T-Mobile agreed to pay pursuant to the settlement after the disbursements are made this month will be split equally among all of the victims of the data breach.
When it comes to data breaches, it is not a matter of if you will become a victim, it is a matter of when. Verizon publishes an annual report about data breaches. This year’s report confirmed 12,195 data breaches last year, which is an increase of 34% over the previous year. More than 1.35 billion people were affected by data breaches last year.
.png)
