T-Mobile Data Breach

WHO WAS AFFECTED?

The 2021 T-Mobile data breach affected 7.8 million subscribers, as well as 40 million people who had applied for credit with T-Mobile, on or before Aug. 19, 2021.

WHAT INFORMATION WAS STOLEN?

T-Mobile revealed to the public that stolen data includes full names, birthdates, social security numbers and driver’s license information of at least 7.8 million current T-Mobile customers and accessed the records of 40 million people who had previously applied for credit with T-Mobile.

T-Mobile also reported that approximately 850,000 active T-Mobile prepaid customers names, phone numbers and PIN numbers were exposed, as well as up to 52,000 names of customers related to current Metro by T-Mobile accounts.

2021 T-MOBILE DATA BREACH EXPLAINED

According to an interview, the hacker carried out the data breach on or around Aug. 14, 2021, using “a simple tool available to the public” and was easily able to obtain and steal this sensitive information. Reports state that T-Mobile left an unprotected router exposed, allowing the cybercriminal to conduct T-Mobile’s fifth data breach in the past four years.

Due to T-Mobile’s lax data security, the anonymous hacker was able to illegally compromise various T-Mobile databases and gain access to highly sensitive information of current, former and prospective customers. On Aug. 15, 2021, the hacker posted for sale a collection of highly sensitive personal information containing 30 million social security numbers and drivers’ license information stolen from T-Mobile’s servers. The hacker also claimed to have additional personal data related to more than 100 million T-Mobile customers.

According to reports, a security and risk analyst at Forrester Research describes T-Mobile’s July 2021 data breach as “the worst breach they’ve had so far.” In an interview with The Wall Street Journal, the hacker of the attack in July 2021 said that T-Mobile’s data security is “awful.”

DATA BREACH IMPACTS

T-Mobile customers whose data was stolen in the 2021 T-Mobile data breach were urged to take steps to protect themselves and mitigate the damages caused by the data breach. According to reports, identity theft is the most common consequence of a data breach and occurs to about 65% of data breach victims. Consumers lost more than $56 billion to identity theft and fraud in 2020 alone, and over 75% of identity theft victims reported emotional distress.

Because T-Mobile did not protect its data properly, victims of the July 2021 T-Mobile data breach will be forced to take all steps possible to mitigate damages caused by the breach. Those whose data was compromised likely faced out-of-pocket costs for obtaining credit reports, credit freezes, credit monitoring services and other protective measures to deter and detect identity theft.

YOUR CONSUMER RIGHTS

T-Mobile promised customers privacy and protection, yet millions of customers’ personal information was compromised and posted for sale online, putting them at high risk for identity theft and ongoing fear of financial and personal anguish. The lawsuit brought claims of negligence and violations of state consumer protection laws and sought to secure financial relief for the millions of consumers impacted by the breach. The lawsuit also sought improvements from T-Mobile to ensure the protection of their customer’s personal data.

TOP CONSUMER RIGHTS FIRM

Hagens Berman is one of the most successful litigation law firms in the U.S. and has achieved more than $320 billion in settlements against some of the nation's largest conglomerates. Hagens Berman is currently pursuing a similar case against T-Mobile for a 2022 data breach that affected 37 million people.