T-Mobile has agreed to pay $500 million to settle a class action lawsuit concerning the massive data breach it suffered in August last year. The settlement proposal is pending court approval, which may take months or longer depending on appeals and other proceedings.
The data breach that T-Mobile suffered last year was one of the biggest ever in the wireless industry. It compromised the personal information of “approximately 76.6 million” T-Mobile customers. Reports suggest that leaked data included personally identifiable information such as names, addresses, ID cards, and Social Security Numbers.
A class action lawsuit was filed against T-Mobile over this breach. The lawsuit is pending in the US District Court for the Western District of Missouri. Meanwhile, the carrier has agreed to settle the case with a payment of $500 million.
According to the company, $350 million of this amount would go to fund its customers covered under the class action and the lawyers representing them. This should mean a payout of less than $5 to every affected T-Mobile customer. The final amount will depend on the lawyers’ fee and the number of customers who respond to the settlement. The company will notify concerned customers about the settlement. The whole process may take months to complete. The self-proclaimed Un-carrier expects the settlement to receive court approval by December.
T-Mobile will strengthen its data security as part of this settlement
T-Mobile will spend the remaining $150 million of the settlement amount to strengthen its security technologies in 2022 and 2023. The company certainly needs to work in this regard. Because it suffered not one but three data breaches within a year, between December 2020 to December 2021. The other two breaches weren’t as massive as the August one, but they do point fingers toward the company’s security measures. Worse yet, it had suffered two more breaches in the previous three years.
The carrier is now pledging to improve its security measures in the coming years. In an official statement, T-Mobile said that it has doubled down on its “extensive cybersecurity program” over the past year. The company has created a Cybersecurity Transformation Office that reports directly to CEO Michael Sievert. It is also collaborating with “industry experts” to design strategies and execute cybersecurity plans.
Additionally, T-Mobile is “conducting nearly 900,000 training courses for employees and partners” to prevent these kinds of breaches in the future. “As we continue to invest time, energy, and resources in addressing this challenge, we are pleased to have resolved this consumer class action filing,” the company concluded the statement.