T-Mobile Facing Another Lawsuit Over 2021 Data Breach

by

T-Mobile has been sued a second time over a 2021 data breach that impacted 80 million T-Mobile users. The consumer protection lawsuit comes from Washington State Attorney General Bob Ferguson, who says that T-Mobile had years to "fix key vulnerabilities" that could have prevented the data breach.

T Mobile Generic Feature Pink 1
According to Ferguson, T-Mobile knew that its systems had certain cybersecurity vulnerabilities, and the company did not do enough to address them. T-Mobile is also accused of misleading customers about its security practices, not notifying Washingtonians of the data breach in a timely matter, and downplaying the severity of the breach.

For years prior to August 2021, T-Mobile did not meet industry standards for cybersecurity and knew about these vulnerabilities. These included insufficient processes for identifying and addressing security threats and a systemic lack of oversight. In some cases, T-Mobile used obvious passwords to protect accounts that had access to customers' sensitive personal information. The 2021 breach was enabled, in part, when the hacker guessed obvious credentials to gain access to T-Mobile's internal databases.

T-Mobile's systems were breached in March 2021, but T-Mobile did not learn of the attack until August 2021. Hackers were able to obtain names, phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers from T-Mobile customers, and that data was sold.

The hacker behind the attack said that T-Mobile's security was "awful" and that the breach occurred when an unprotected T-Mobile router was discovered, which led to access of T-Mobile's Washington data center.

T-Mobile apologized for the data breach and promised to prevent a future attack by establishing long-term partnerships with cybersecurity experts.

The lawsuit is seeking restitution for Washingtonians that were harmed in the data breach, along with injunctive relief to require improvements to T-Mobile's cybersecurity practices.

T-Mobile already paid $350 million to settle a class action lawsuit over the data breach in 2022, and it was fined $60 million by the Committee on Foreign Investment in the US (CFIUS) for failing to prevent or disclose unauthorized access to sensitive customer data.

Tag: T-Mobile

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article154 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
iphone 17 pro dark blue 1

iPhone 18 Pro Max Rumored to Deliver Next-Level Battery Life

Friday February 6, 2026 5:14 am PST by
The iPhone 18 Pro Max will feature a bigger battery for continued best-in-class battery life, according to a known Weibo leaker. Citing supply chain information, the Weibo user known as "Digital Chat Station" said that the iPhone 18 Pro Max will have a battery capacity of 5,100 to 5,200 mAh. Combined with the efficiency improvements of the A20 Pro chip, made with TSMC's 2nm process, the...
Read Full Article107 comments

Top Rated Comments

Student of Life Avatar
Student of Life
14 months ago
Again fine not only the company but also make its executives offices personally liable. That’s how you get real accountability, when it impacts them personally.
Score: 6 Votes (Like | Disagree)
pdaholic Avatar
pdaholic
14 months ago
Why do they need social security and driver’s license numbers?!?
Score: 6 Votes (Like | Disagree)
B4U Avatar
B4U
14 months ago
AT&T, you are next! ?
Score: 4 Votes (Like | Disagree)
Light_of_Consciousness Avatar
Light_of_Consciousness
14 months ago

AT&T, you are next! ?
Seriously, I hope they get it good.
Score: 4 Votes (Like | Disagree)
coffeemilktea Avatar
coffeemilktea
14 months ago
Maybe if the cost of lawsuits becomes greater than the cost of implementing proper security measures, T-Mobile will actually start doing a good job when it comes to cybersecurity? ?
Score: 4 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
14 months ago

Why do they need social security and driver’s license numbers?!?
Social security number is needed to run a credit check since T-Mobile is basically extended credit to you when they provide post-paid mobile service, discounted or free mobile phones, etc.

How else are they going to get their money back if a customer fails to pay for service and runs off with a bunch of free iPhone 16 Pro's ('https://www.t-mobile.com/news/offers/t-mobile-iphone-16-apple-watch-10-savings')?



Attachment Image
Score: 4 Votes (Like | Disagree)
Read All Comments