T-Mobile reaches $31.5M settlement with FCC over multiple data breaches
By 
Aaron Nicodemus2024-10-03T12:00:00
T-Mobile, which experienced three huge data breaches in the past three years, agreed to pay $31.5 million in penalties and remediation for failing to protect millions of its customers’ personal information.
As part of a settlement between T-Mobile and the Federal Communications Commission, the telecommunications giant agreed to pay a $15.75 million fine and to invest $15.75 million in cybersecurity improvements.
The personal information of approximately 37 million T-Mobile customers was compromised in a January 2023 data breach, and that the company experienced other large data breaches in 2022 and 2021, in which 76 million customer accounts were compromised. Although not part of the FCC settlement announced Monday, T-Mobile had experienced several other smaller data breaches dating back to 2018.
Related articles
-
News BriefDOJ clears $4.4 Billion T‑Mobile acquisition of UScellular
The U.S. Department of Justice arppoved T-Mobile’s acquisition of competitor UScellular. The move came a day after T-Mobile announced it had dropped its diversity, equity, and inclusion programs, a frequent target for Trump’s administration.
-
News BriefFCC probing T-Mobile after latest cyber incident affects 37M
The Federal Communications Commission launched an investigation into T-Mobile after the telecommunications giant disclosed it suffered yet another significant cybersecurity lapse exposing customer information.
-
ArticleT-Mobile to create $350M fund to settle 2021 data breach claims
T-Mobile agreed to create a $350 million fund and spend an additional $150 million on improving its data security to settle a class-action lawsuit related to a 2021 hack that exposed the personal information of more than 76 million customers.
More from Regulatory Enforcement
-
ArticleLarge wound care practice pays $45M, agrees to monitoring
One of the largest wound care practices in the nation and its founder have agreed to pay $45 million and be subjected to third-party monitoring, to settle allegations that the business intentionally overbilled Medicare by priming its electronic medical records system to do so.
-
News BriefSEC dismisses SolarWinds case tied to 2020 cyberattack
The dismissal of charges against SolarWinds for alleged cybersecurity lapses related to a 2020 Russian cyberattack in 2020 are the latest in a continuing pattern of leniency for corporations by the Trump administration.
-
PremiumPart Two: FCPA cases closed by DOJ, SEC since January
Since the start of the Trump Administration, the Department of Justice has been winding down a number of Foreign Corrupt Practices Act investigations with little public attention. This second article further explores how and why these FCPA matters have been closed.