United States Fines T-Mobile $60 Million for Failing to Prevent Unauthorized Access to Sensitive Customer Data

by

T-Mobile was fined $60 million by the Committee on Foreign Investment in the US (CFIUS) for negligence surrounding data breaches, reports Reuters. CFIUS penalized T-Mobile for failing to prevent or disclose unauthorized access to sensitive customer data.

T Mobile Generic Feature Pink 1
When T-Mobile merged with Sprint, it signed a national security agreement with CFIUS, which is what led to the fine earlier this year. T-Mobile is owned by German company Deutsche Telekom, and T-Mobile agreed to protect consumer data as part of the Sprint acquisition. Back in 2021, T-Mobile suffered a major breach that impacted over 100 million of its users, just a year after it acquired Sprint.

CFIUS does not typically name the companies that it fines, but T-Mobile has been called out in an effort to push companies to comply with national security rules associated with acquisitions.

In 2024, following an initial Notice of Penalty issued in 2023, CFIUS resolved an enforcement action against T-Mobile US, Inc. ("T-Mobile"), a telecommunications company, resulting in a $60 million penalty. As publicly disclosed by T-Mobile, the company entered into a National Security Agreement ("NSA") with CFIUS in 2018 in connection with T-Mobile's merger with Sprint and the foreign ownership of the resulting entity. CFIUS determined that between August 2020 and June 2021, in violation of a material provision of the NSA, T-Mobile failed to take appropriate measures to prevent unauthorized access to certain sensitive data and failed to report some incidents of unauthorized access promptly to CFIUS, delaying the Committee's efforts to investigate and mitigate any potential harm. CFIUS concluded that these violations resulted in harm to the national security equities of the United States. T-Mobile has worked with CFIUS to enhance its compliance posture and obligations and has committed to working cooperatively with the U.S. Government to ensure compliance with its obligations going forward.

T-Mobile told Reuters that it experienced technical issues when integrating with Sprint, which affected information from "a small number of law enforcement information requests." T-Mobile claims to have swiftly dealt with the issue and reported it "in a timely manner."

CFIUS said that T-Mobile's lack of timely reporting prevented CFIUS from investigating and mitigating potential harm to U.S. national security.

Tag: T-Mobile

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

raythompsontn Avatar
raythompsontn
20 months ago
Great, $60 million to CFIUS, $0 million to the people actually harmed. Fines are becoming cash cows for the other entities. That fine will not be paid by T-Mobile, but by the users through increased rates. The CFIUS effectively fined the users.
Score: 29 Votes (Like | Disagree)
Student of Life Avatar
Student of Life
19 months ago
They should also directly target fines to the executive officers involved. That way the feel the real burden of their own actions. Fining the company is nice in theory but in reality the fine will be moved to the consumer.
Score: 13 Votes (Like | Disagree)
coffeemilktea Avatar
coffeemilktea
20 months ago

Back in 2021 ('https://www.geekwebguides.com/2021/08/16/t-mobile-data-breach/'), T-Mobile suffered a major breach that impacted over 100 million of its users, just a year after it acquired Sprint.
"Suffered a major breach" As I recall, T-Mobile suffered three data breaches alone in 2021 (in January, August, and December), and a total of nine data breaches overall since the start of 2018.

At this point, their CEO might as well stand out on a street corner and hand out his customers' personal data, considering their cybersecurity measures are about as useful as a screen door on a submarine. Does T-Mobile recruit their security experts from the same place Boeing gets their engineers? ?
Score: 9 Votes (Like | Disagree)
antiprotest Avatar
antiprotest
20 months ago

How about some recompense for the customers? This almost reminds me of clash action lawsuits where the attorneys get millions and the plaintiffs get a ham sandwich.
You won't even get a slice of bread. And YOU are the one paying the fine for T-mobile failing to protect you. You are the one getting punished. So the hackers win, the CFIUS wins, t-mobile is ok, and you are both hacked and fined. It's so messed up.
Score: 9 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
20 months ago
I don’t buy T-Mobile’s reply. Glad they were fined.
Score: 8 Votes (Like | Disagree)
jblank Avatar
jblank
20 months ago

You won't even get a slice of bread. And YOU are the one paying the fine for T-mobile failing to protect you. You are the one getting punished. It's so messed up.
Exactly. I'm very much a free-market capitalist but corporations have too much power and influence and too little accountability, in the US today. This "penalty" and all other fines/penalties like this, should go DIRECTLY to the customer.
Score: 7 Votes (Like | Disagree)
Read All Comments