If you were a T-Mobile customer in August 2021, you may get a few dollars from the carrier in the near future. It has agreed to settle a consolidated class action lawsuit filed against the company over a data breach that exposed the personal information of 76.6 million "current, former and prospective customers." Back when T-Mobile's CEO, Mike Sievert, admitted and apologized for the breach, the carrier said the individual who hacked its network used "specialized" tools and knowledge of its infrastructure in order to gain access to its testing environment. That individual then stole customer data from the network and sold them on hacker forums.
The type of information that the bad actor sold varies per person, but it could include the name, birth date and social security number for each individual. T-Mobile got in touch with people affected by the data leak shortly after it came to light and offered them two free years of access to McAfee’s ID Theft Protection Service. Now, they're also getting monetary compensation, though it will likely be a few dollars at most. While the $350 million settlement may sound substantial, a huge chunk of that amount will go towards paying off legal fees. The rest will be divided among tens of millions of affected customers. According to the SEC filing spotted by GeekWire, the company will also spend $150 million on data security technologies throughout this year and the next.
The settlement still has to be approved by the court. But if it does, it will "resolve substantially all of the claims brought by the company’s current, former and prospective customers who were impacted by the 2021 cyberattack." You can read the full proposed settlement here.