https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

Court financial settlement

T-Mobile to Pay $350 Million Settlement in Data Breach Class-Action Lawsuit

  • Written by Edward Gately
  • July 25, 2022
T-Mobile also will spend $150 million on data security and related technology.

T-Mobile has agreed to pay $350 million to customers in a class-action lawsuit related to personal information stolen in a 2021 cyberattack.

T-Mobile disclosed the proposed settlement in a U.S. Securities and Exchange Commission filing. The lawsuit is pending in the U.S. District Court for the Western District of Missouri. The proposed settlement remains subject to preliminary and final court approval.

If approved by the court, under the terms of the proposed settlement, T-Mobile would pay $350 million to fund claims submitted by class members, the legal fees of plaintiffs’ counsel and the costs of administering the settlement. It also would commit to spending $150 million for data security and related technology in 2022 and 2023.

The court could approve the settlement in December. However, appeals or other proceedings could delay it. T-Mobile can terminate the agreement under certain conditions.

Multiple T-Mobile Data Breaches

T-Mobile has disclosed numerous data breaches since 2018. Most recently, T-Mobile confirmed a data breach by the Lapsus$ extortion gang. It used stolen credentials and gained access to internal systems.

T-Mobile sent us the following statement regarding the class-action lawsuit settlement:

“Customers are first in everything we do and protecting their information is a top priority. Like every company, we are not immune to these criminal attacks. Our efforts to guard against them continue, and over the past year we have doubled down on our extensive cybersecurity program to enhance existing programs.”

Program enhancements include:

  • Creating a cybersecurity transformation office that reports directly to T-Mobile‘s CEO, and adding more talent with decades of cyber strategy experience and leadership.
  • Engaging in long-term collaborations with Mandiant, Accenture and KPMG to design strategies and execute plans to further transform its cybersecurity program.
  • Committing to investing hundreds of millions of dollars to enhance T-Mobile’s cybersecurity tools and capabilities.
  • Conducting nearly 900,000 training courses for employees and partners across the company to understand their role in these efforts.

“As we continue to invest time, energy and resources in addressing this challenge, we are pleased to have resolved this consumer class action filing,” T-Mobile said.

No Admission of Wrongdoing

If approved, the settlement will resolve all claims brought by current, former and prospective customers impacted by the 2021 cyberattack. It contains no admission of liability, wrongdoing or responsibility.

Casey Ellis is founder and CTO of Bugcrowd.

Bugcrowd's Casey Ellis

Bugcrowd’s Casey Ellis

“On one hand, $350 million is a lot of money, and is a clear signal of the kinds of recovery and punitive costs which can be involved when a breach like this takes place,” he said. “On the other hand, 40 million records were involved in this breach overall. And a per-record penalty of $8.75 for losing something as impactful and difficult to protect and replace as a Social Security number seems like T-Mobile managed to get off fairly lightly here. Given this isn’t the only security issue affecting T-Mobile user data over the past few years, I’m pleased to see that the pain of staying the same has exceeded the pain of change, and that they’ll be investing in improving user data security in a focused and proactive way in response to this.”

T-Mobile ‘Repeatedly Lax’ with Controls

John Bambenek is principal threat hunter at Netenrich. He said the settlement represents less than half of 1% of T-Mobile’s annual revenue.

Netenrich's John Bambenek

Netenrich’s John Bambenek

“Their stock price is up 2% today, at the present time,” he said. “Certainly T-Mobile needs to do better. But with those numbers, I wouldn’t be expecting any major culture shifts anytime soon.”

Oliver Tavakoli is CTO at Vectra.

“T-Mobile has repeatedly been lax in applying minimally acceptable controls to prevent these violations of end user’s privacy and is now paying a fine the size of which should make other organizations take notice,” he said.

Some of the data leaked was private information T-Mobile collected from individuals whose applications for phones it rejected, Tavakoli said. It collected that information several years prior to the breaches.

“[That’s] information which they had no rationale to even keep,” he said.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn.
Tags: Agents VARs/SIs Best Practices Mobility & Wireless Regulation & Compliance SDN/SD-WAN Security Technologies

Most Recent


  • Restructuring
    CEO on Rackspace Restructuring: ‘We’re Excited About … 2 Business Units’
    Kevin Jones gave analysts some insight into upcoming changes at the giant managed service provider.
  • application portfolio modernization
    Adaptiv Networks' SD-WAN Joins OTG Consulting Portfolio
    Adaptiv Networks SD-WAN will help OTG agents move customers from PSTN to UCaaS.
  • Black Hat logo
    Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More
    The event marks the 25th Black Hat USA.
  • partner portal
    GoTo Promotes Chief Product and Technology Officer to CEO
    He will accelerate innovation and growth in the SMB space, the company said.

One comment

  1. Avatar norma martinez July 27, 2022 @ 3:08 pm
    Reply

    I’m “thrilled” that T-Mobile will be spending to ENHANCE their security..
    However, where does that leave me?! T-Mobile using CLASS-ACTION SUIT to: (resolvimg claims brought to current customer impacted by the 2021 cyberattack in the amount of $8.75)!! Wow!! My info was affected and as well as, ss#, bank card #’s, etc. I am a victim of “identity theft” with my cards being used and “max’d-out”!!! Money I had to pay back.
    There has to be better #’s to show how much they really care.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Making Waves
    7 Channel People Making Waves This Week at AWS, Verizon, Bugcrowd, More
  • Built IT LIVE '22 expo hall
    Images: Build IT Live '22 Expo Hall Featuring ThreatLocker, Cytracom, Datto
  • Acquisition Fish
    The Gately Report: Cerberus Sentinel Acquisition Spree Benefits MSPs, MSSPs
  • North Korea hacker
    U.S. Doubles Reward for Information on North Korea Cyberattackers

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More

August 10, 2022

Samsung Unpacks Galaxy Z Fold4 Foldable Phone with Multitasking PC Features

August 10, 2022

Images: Telarus Hosts Partner Summit, Gives Partner, Supplier Awards

August 5, 2022

Industry Perspectives

View all

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Timely Tips for Non-Negotiable Patch Updates

July 29, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

IBM, Partners and the $1 Trillion Hybrid Cloud Opportunity

June 26, 2022

Twitter

ChannelFutures

Read about @adaptivnetworks's new distribution partner. dlvr.it/SWQFh3 https://t.co/az12SeMU7X

August 10, 2022
ChannelFutures

A succession crisis has been brewing in the channel. Are you thinking about how to develop leaders?… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

Looking for clues about the upcoming #Rackspace #restructuring? We have a little insight from yesterday’s earnings… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

Ready for more @GoogleCloud in #AsiaPacific? Find out where channel partners will be able to take advantage of new… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

[email protected] has been a key figure in both the TSB market and the channel DE&I community. @Telarus… twitter.com/i/web/status/1…

August 10, 2022
ChannelFutures

.@SamsungMobileUS launches new #GalaxyZFold4 and Galaxy ZFlip 4 at #SamsungUnpacked. dlvr.it/SWP38j https://t.co/nY6KLrk1E4

August 10, 2022
ChannelFutures

#BHUSA kicks off with news from @DNSFilter, @NetWitness, @BlackBerry, @CrowdStrike, more. dlvr.it/SWNvrj https://t.co/oDI6vf5CdX

August 10, 2022
ChannelFutures

Get to know @ScienceLogic and its new channel leader ahead of @MSP_Summit. #MSPSummit @Channel_Expo… twitter.com/i/web/status/1…

August 9, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X