T-Mobile Facing Another Lawsuit Over 2021 Data Breach - MacRumorsOpen MenuShow RoundupsShow Forums menuVisit ForumsOpen Sidebar
Skip to Content

T-Mobile Facing Another Lawsuit Over 2021 Data Breach

by

T-Mobile has been sued a second time over a 2021 data breach that impacted 80 million T-Mobile users. The consumer protection lawsuit comes from Washington State Attorney General Bob Ferguson, who says that T-Mobile had years to "fix key vulnerabilities" that could have prevented the data breach.

T Mobile Generic Feature Pink 1
According to Ferguson, T-Mobile knew that its systems had certain cybersecurity vulnerabilities, and the company did not do enough to address them. T-Mobile is also accused of misleading customers about its security practices, not notifying Washingtonians of the data breach in a timely matter, and downplaying the severity of the breach.

For years prior to August 2021, T-Mobile did not meet industry standards for cybersecurity and knew about these vulnerabilities. These included insufficient processes for identifying and addressing security threats and a systemic lack of oversight. In some cases, T-Mobile used obvious passwords to protect accounts that had access to customers' sensitive personal information. The 2021 breach was enabled, in part, when the hacker guessed obvious credentials to gain access to T-Mobile's internal databases.

T-Mobile's systems were breached in March 2021, but T-Mobile did not learn of the attack until August 2021. Hackers were able to obtain names, phone numbers, addresses, birth dates, social security numbers, driver's license and ID info, IMEI numbers, and IMSI numbers from T-Mobile customers, and that data was sold.

The hacker behind the attack said that T-Mobile's security was "awful" and that the breach occurred when an unprotected T-Mobile router was discovered, which led to access of T-Mobile's Washington data center.

T-Mobile apologized for the data breach and promised to prevent a future attack by establishing long-term partnerships with cybersecurity experts.

The lawsuit is seeking restitution for Washingtonians that were harmed in the data breach, along with injunctive relief to require improvements to T-Mobile's cybersecurity practices.

T-Mobile already paid $350 million to settle a class action lawsuit over the data breach in 2022, and it was fined $60 million by the Committee on Foreign Investment in the US (CFIUS) for failing to prevent or disclose unauthorized access to sensitive customer data.

Tag: T-Mobile

Popular Stories

tmobile starlink

T-Mobile Customers Can Now Use Satellite Connectivity in Canada and New Zealand

Monday May 4, 2026 1:09 pm PDT by
T-Mobile's Starlink satellite connectivity is now available for T-Mobile users who are traveling in Canada and New Zealand. T-Mobile users have previously had access to cellular connectivity through roaming agreements in Canada and New Zealand, and now T-Satellite connectivity is included. Canada satellite coverage is enabled through Rogers Satellite, and in New Zealand, satellite coverage...
Read Full Article18 comments
Apple Card iPhone 16 Pro Feature

Apple Card Promo to Offer Free AirPods Pro 3

Friday May 15, 2026 8:59 am PDT by
Starting as early as next week, customers who sign up for an Apple Card at Apple's retail stores in the U.S. will receive $249 cash back when they purchase AirPods Pro 3, according to Bloomberg's Mark Gurman. The promotion has yet to be officially announced by Apple, so exact terms and conditions are not available at this time. AirPods Pro 3 are priced at $249 in the U.S., so customers who...
Read Full Article46 comments
Apple WWDC25 iOS 26 CarPlay Light mode 250609

Six Popular iPhone Apps Now Available on CarPlay

Thursday May 14, 2026 9:10 am PDT by
Apple's CarPlay system for accessing iPhone apps on a vehicle's dashboard screen has received six popular apps in recent weeks: ChatGPT, Perplexity, Grok, Google Meet, WhatsApp, and the indie artist streaming platform Audiomack. Make sure you have the latest version of each app and they will automatically appear on CarPlay. ChatGPT Starting with iOS 26.4, CarPlay supports voice-based...
Read Full Article29 comments

Top Rated Comments

pdaholic Avatar
pdaholic
18 months ago
Why do they need social security and driver’s license numbers?!?
Score: 6 Votes (Like | Disagree)
Student of Life Avatar
Student of Life
18 months ago
Again fine not only the company but also make its executives offices personally liable. That’s how you get real accountability, when it impacts them personally.
Score: 6 Votes (Like | Disagree)
sw1tcher Avatar
sw1tcher
18 months ago

Why do they need social security and driver’s license numbers?!?
Social security number is needed to run a credit check since T-Mobile is basically extended credit to you when they provide post-paid mobile service, discounted or free mobile phones, etc.

How else are they going to get their money back if a customer fails to pay for service and runs off with a bunch of free iPhone 16 Pro's ('https://www.t-mobile.com/news/offers/t-mobile-iphone-16-apple-watch-10-savings')?



Attachment Image
Score: 4 Votes (Like | Disagree)
coffeemilktea Avatar
coffeemilktea
18 months ago
Maybe if the cost of lawsuits becomes greater than the cost of implementing proper security measures, T-Mobile will actually start doing a good job when it comes to cybersecurity? 🤪
Score: 4 Votes (Like | Disagree)
L
Light_of_Consciousness
18 months ago

AT&T, you are next! 🤬
Seriously, I hope they get it good.
Score: 4 Votes (Like | Disagree)
B4U Avatar
B4U
18 months ago
AT&T, you are next! 🤬
Score: 4 Votes (Like | Disagree)
Read All Comments