Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

T-Mobile Sued Over Data Breach Affecting Millions of Customers

Class action lawsuits have been filed against T-Mobile over the recently disclosed data breach that has been confirmed to impact more than 50 million of the company’s customers.

Class action lawsuits have been filed against T-Mobile over the recently disclosed data breach that has been confirmed to impact more than 50 million of the company’s customers.

T-Mobile launched an investigation after hackers offered to sell 100 million customer records on the dark web. The carrier’s investigation initially confirmed that nearly 50 million former, current and prospective customers had at least some information compromised. Further analysis revealed that the breach impacted more than 54 million customers.

Compromised information includes names, phone numbers, dates of birth, social security numbers, addresses, driver’s license information, IMEI and IMSI information, and account PINs.

The company has offered two years of free identity protection services to impacted individuals, and highlighted that financial information has not been compromised.

However, it appears that is not enough for some of the affected customers and at least two class action lawsuits have been filed against T-Mobile over the incident.

One of the lawsuits was filed by Morgan & Morgan, Terrell Marshall Law Group, Arnold Law Firm, Mason Lietz & Klinger, and The Consumer Protection Firm in the Western District of Washington, with Stephanie Espanoza, Jonathan Morales and Alex Pygin named as lead plaintiffs.

The lawsuit alleges that T-Mobile “maintained private information in a reckless manner,” which has now resulted in customers being exposed to a high risk of fraud and identity theft.

“Consumers entrust their valuable, personal information to companies with the reasonable expectation that it be kept confidential and secure. T-Mobile, a leading telecommunications company, allegedly failed to fully implement a data security system to protect their customers from cyberattacks,” Morgan & Morgan attorneys said in an emailed statement. “Their alleged reckless actions and inactions have exposed customers to years of constant surveillance of their financial and personal records, monitoring, and loss of rights. We will continue to hold companies accountable and fight to ensure all institutions do more to protect people’s data.”

Advertisement. Scroll to continue reading.

The second lawsuit, also filed in Washington, names Veera Daruwalla, Michael March, and Lavicieia Sturdivant as the lead plaintiffs. This lawsuit mentions several cybersecurity incidents affecting T-Mobile over the past years in an effort to underscore the company’s repeated failure to protect user data.

“As the target of many data breaches in the past, T-Mobile knew its systems were vulnerable to attack. Yet it failed to implement reasonable security procedures and practices appropriate to the nature of the information to protect its customers’ personal information, yet again putting millions of customers at great risk of scams and identity theft,” the complaint reads.

Related: Class Action Lawsuit Filed Against SolarWinds Over Hack

Related: Class Action Lawsuit Filed Against Marriott Over New Data Breach

Related: British Airways Settles Class Action Over 2018 Data Breach

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...