T-Mobile agrees to pay out $350 million to customers affected by last year’s data breach

Wireless carrier T-Mobile has agreed to a hefty $350 million payout to the approximately 77 million customers who were affected by a massive data breach last year that leaked information like social security and driver’s license numbers.

The payout comes after a class action lawsuit was filed against T-Mobile following the August announcement of the data breach. The data was reportedly sold online on criminal websites after it was obtained from the T-Mobile database.

T-Mobile initially estimated at the time that anywhere between 40 million and 100 million users had some data stolen, and under a million had information like personal identification numbers fully exposed. According to the SEC, 76.6 million United States residents were identified as being affected by the breach. 

The 2021 breach is not the first time T-Mobile customers have had their personal information stolen. According to TechCrunch, the 2021 incident is the fifth time in recent years the company has experienced data theft. As part of the settlement, T-Mobile also agreed to spend an additional $150 million to improve data security to prevent any future attacks.

According to Reuters, John Binns, a 21 year old American expat who had recently moved to Turkey, claimed responsibility for the data theft, saying he had found an unsecured router and used it to hack into the T-Mobile database. “Their security is awful,” said Binns to the Wall Street Journal. “I was panicking because I had access to something big.”