US operator T-Mobile has promised to pay out $350 million to fund claims, legal fees, and administration costs following 2021’s gargantuan data breach.
The company also said in an SEC filing (opens in new tab) that it would fork out $150 million on “data security and related technology” over the next two years.
However, T-Mobile maintained that the settlement “contains no admission of liability, wrongdoing, or responsibility by any of the defendants”.
What actually happened?
T-Mobile claims that the breach impacted 76.6 million people and involved the data loss of customers’ first and last names, Social Security numbers, and driver’s license information.
The incident was blamed on a “sophisticated cyberattack” and T-Mobile customer data later appeared for sale on the dark web, according to reporting by Motherboard (opens in new tab), which said a hacker obtained the information by breaching the telecom company’s servers.
The settlement still needs court approval, which is expected as early as December 2022.
Though the settlement amount for T-Mobile, which reported $58.4 billion in full-year 2021 earnings, is fairly eye-popping, it’s still somewhat mid-table in the list of the largest data breach payouts; Equifax paid out $575 million following its widely publicized 2017 incident, while Home Depot paid out $200 million following its 2014 breach.
Recent research from Splunk found that nearly half (49%) of companies suffered a data breach in the last two years.
- Want to avoid your company making a massive payout? Check out our guide to the best ID theft protection.
Via The Verge (opens in new tab)