A T-Mobile store.

Mike Mozart/Flickr (CC-BY)

T-Mobile hit with 2 class-action lawsuits over massive data breach

Lawsuits are piling up in the wake of the massive data breach.

Photo of Andrew Wyrich 

Andrew Wyrich

Tech

Posted on Aug 23, 2021   Updated on Aug 23, 2021, 10:26 am CDT

Two class-action lawsuits have been filed against T-Mobile in the wake of a massive data breach that left millions of customers’ personal information exposed.

Overall, at least 47 million people were affected by the data breach. Motherboard first reported the hack, noting that a hacker was selling portions of the data on an underground forum. T-Mobile said it was investigating the claims, but soon confirmed the broad strokes of the data breach.

T-Mobile said the hack impacted various kinds of customers, and the data that was compromised included names, drivers’ licenses and identification information, Social Security numbers, and more.

In a suit filed late last week in the United States District Court for the Western District of Washington, it claims that T-Mobile maintained the personal information in a “reckless manner” that was “vulnerable to cyberattacks.”

“Plaintiffs’ and class members’ identities are now at considerable risk because of Defendant’s negligent conduct since the private information that T-Mobile collected and maintained is now in the hands of data thieves,” the suit reads.

Meanwhile, as Fox Business reports, another suit was filed just a few days later that says T-Mobile violated the California Consumer Privacy Act (CCPA).

“Plaintiffs now seek compensation under the CCPA and principles of common law negligence, unjust enrichment, breach of implied contract, and breach of confidence, for their damages and those of fellow class members,” the suit reads. “Plaintiffs also seek injunctive relief to ensure that T-Mobile cannot continue to put its customers at risk.”

The suit also notes that T-Mobile has had at least five data breaches over the past three years, citing news stories about them. T-Mobile says it is offering affected customers identity protection services for free over the next two years, a decision that the suit calls “insufficient.”

“As discussed above, the threat of identity theft and fraud from the data breach will extend for many years and cost plaintiffs and the classes significant time and effort,” the suit reads.

Read more of the Daily Dot’s tech and politics coverage

Nevada’s GOP secretary of state candidate follows QAnon, neo-Nazi accounts on Gab, Telegram
Court filing in Bored Apes lawsuit revives claims founders built NFT empire on Nazi ideology
EXCLUSIVE: ‘Say hi to the Donald for us’: Florida police briefed armed right-wing group before they went to Jan. 6 protest
Inside the Proud Boys’ ties to ghost gun sales
‘Judas’: Gab users are furious its founder handed over data to the FBI without a subpoena
EXCLUSIVE: Anti-vax dating site that let people advertise ‘mRNA FREE’ semen left all its user data exposed
Sign up to receive the Daily Dot’s Internet Insider newsletter for urgent news from the frontline of online.

Share this article
*First Published: Aug 23, 2021, 10:04 am CDT

Andrew Wyrich

Andrew Wyrich is the newsletter editor at the Daily Dot. He previously served as the deputy tech editor. Andrew has written for USA Today, NorthJersey.com, and other newspapers and websites. His work has been recognized by the Society of the Silurians, Investigative Reporters & Editors (IRE), and the Society of Professional Journalists (SPJ).

Andrew Wyrich