On August 18, 2021, following a thorough data breach investigation, T-Mobile USA Inc. found that the personal information of approximately 7.8 million current postpaid customers seemed to have been part of the tranche of data recently hacked and put on the dark web for sale. Furthermore, the confidential information of over 40 million former or applicant customers was also hacked in the data breach. However, breaking news covering this alarming issue has revealed that the number of affected T-Mobile users is currently 53 million.
The cyberattack took place on August 15, 2021, when a hacker was discovered selling 30 million Social Security numbers on the Internet. They were requesting 6 bitcoins, whose cash equivalent is around $277,000, for a collection of data that included this information, as well as numbers of driver's licenses, names, and phone numbers.
While the vast majority of customers have not had their phone numbers, account numbers, PINs, passwords, or financial information stolen in the breach, T-Mobile is still responsible for failing to adequately protect the sensitive information of customers, as well as for holding onto it for so long when this was most likely unnecessary. Speaking from a legal perspective, the company violated the California Consumer Privacy Act, which is why it is now facing not one but two class-action lawsuits that were filed a day after the incident had come to light in the U.S. District Court for the Western District of Washington.
If you are a customer of T-Mobile, you may wonder what specific confidential information of yours may have leaked. The following are only some of your personal information that a third party may now have access to as a consequence of the unacceptable negligence of the company:
Despite the fact that T-Mobile insists that the Social Security numbers and the ID information of customers have not been stolen, multiple plaintiffs involved in the ongoing lawsuits argue to the contrary. For instance, Veera Daruwalla of Kern County, California, has spent hours addressing privacy concerns that stem from the data breach, such as reviewing financial and credit statements for proof of unauthorized activity.
Due to the aftermath of the data breach, T-Mobile has implemented a series of precautions on behalf of affected customers. Accordingly, the company is offering 2 years of identity protection from McAfee's ID Theft Protection Service, and it has also reset the PINs of the 850,000 prepaid customers who had this information compromised. T-Mobile is encouraging every current postpaid customer to change their PIN as well and is providing a service known as Account Takeover Protection to help prevent SIM-swap attacks. The company is also offering the customers involved 24 months of complimentary credit monitoring, but the plaintiffs in the 2 lawsuits argue that this is "inadequate," as it places the burden of spending time signing up for the service on the wronged people.
The following are the steps T-Mobile is advising current, former, and prospective customers to take in order to protect their personal information that has not yet leaked:
"We take our customers' protection very seriously, and we will continue to work around the clock on this forensic investigation to ensure we are taking care of our customers in light of this malicious attack. While our investigation is ongoing, we wanted to share these initial findings even as we may learn additional facts through our investigation that cause the details above to change or evolve," said one spokesperson of the company.
As previously mentioned, there are currently 2 ongoing lawsuits against T-Mobile alleging outrageous negligence on behalf of the company with regard to data privacy, both filed in Washington. The plaintiffs say that their identities "are now at considerable risk because of T-Mobile's negligent conduct since the private information that T-Mobile collected and maintained is now in the hands of data thieves." People who have been the victims of this data breach may have to deal with losing considerable time and a lot of money to handle the fallout of the information leakage, such as paying for protective measures.
Because the confidential information of so many people has been illegally accessed due to lack of cautiousness and it can be used to cause the victims of data breach harm, T-Mobile may have to settle the lawsuits for significant amounts of money. We may witness other similar lawsuits filed in the near future against the company, as well as more and more people joining the existing ones. The lawyer who represents Daruwalla states that T-Mobile violated the California Consumer Privacy Act by failing to shield the nonencrypted personally identifiable information of customers "from unauthorized access and exfiltration, theft, or disclosure as a result of Defendant's violations of its duty to implement and maintain reasonable security procedures and practices appropriate to the nature of the information."
Another plaintiff, Stephanie Espanoza, accuses T-Mobile of acting negligently by failing to offer proper security. The woman, who lives in Los Angeles, also blames the company for violating the Washington State Consumer Protection Act by committing unjust acts such as providing weak data security. Privacy advocates have been promoting the concept of data minimization for a long time, and the General Data Protection Regulation that is effective throughout Europe embodies the practice, which requires personal data to be "adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed." Unfortunately, the United States has no equivalent to this law at the moment, which is one of the reasons the major data breach affected T-Mobile.
Obviously, in order to become eligible to file a claim with T-Mobile, you have to be a current, former, or prospective customer of the company. If you received a breach notice from T-Mobile and have experienced identity theft or fraud, you may be entitled to compensation from the company for your financial losses and other damages. In other words, your personal information must be in the database of the company and must have been stolen during the breach and used to cause you harm. These are the requirements you have to meet if you intend to file a claim with T-Mobile.
If you had the misfortune of being the victim of fraud or identity theft as a consequence of the data breach concerning T-Mobile, we are here to offer you the assistance you need to file a claim with the company. Filing a claim will help you obtain the financial compensation you deserve for your losses, whose nature may greatly vary. All you need to do is give our team of professionals a call, explain your situation, and send the documents we will request via e-mail.
We will carefully assess your case to determine whether you qualify for compensation from T-Mobile. If we find out that you do, we will quickly put you in touch with a specialized attorney who will assist you with the next steps of the legal process. Eventually, you will obtain the maximum compensation you are entitled to for the damage you suffered. Lastly, it is important to know that these claims have a statute of limitations, which means that your time to take legal action is restricted. Consequently, we advise you to contact us as soon as you become a victim of the data breach.
10 Minutes Over the Phone
*No fees unless compensation is obtained