T-Mobile has agreed to pay $500 million to settle a class-action lawsuit stemming from the 2021 hack that it says exposed the data of about 76.6 million US residents. According to the proposed settlement filled out Friday, which you can read in full below, T-Mobile will put $350 million into a settlement fund to go to attorneys, fees, and of course, the people who filed the claim. It will also be obligated to spend $150 million on “data protection and related technology” during 2022 and 2023, in addition to what was already budgeted for it.
In August, the company announced that its systems had been breached, following reports that Social Security numbers, names, addresses and driver’s license information for more than 100 million of its customers were for sale. While the numbers proved slightly up, T-Mobile’s figure for how many people were affected continued to rise for the rest of the month. T-Mobile’s CEO called this security breach the fifth in four years — “humble.”
The proposed settlement agreement still has to be approved by a judge, but if so, T-Mobile will have 10 days to put the money in the fund to cover the cost of notifying eligible people to make the claim. According to the agreement, it includes “about 76.6 million US residents identified by T-Mobile whose information was compromised in the data breach,” with some warnings to some of the carrier’s employees and those close to the judges who conducted the case. presided over. , in the interest of the whole DisclosureThis could very well mean that I am eligible to apply for compensation, because I was a T-Mobile customer when the hack happened.
The settlement agreement doesn’t provide an estimate of how much each claimant can expect to receive, although it’s hard to estimate that sort of thing unless it’s clear how many people will claim.
The lawsuit that T-Mobile is hoping to settle here accuses the company of failing to protect the data of its past, current and potential customers, not properly notifying those affected, and total Combined there is “inadequate data protection”. T-Mobile denies these allegations in the settlement, saying that the settlement does not constitute an admission of guilt. In a filing with the Securities and Exchange Commission, the carrier says it has the “right to terminate the agreement under certain conditions” set out in the proposed agreement but says it anticipates paying the claims.
In addition to this lawsuit, there have been other reactions to T-Mobile’s data breach and others like it. The FCC proposed new rules surrounding such attacks, aimed at improving how companies communicate with people about their data.