T-Mobile customers past and present may be eligible for part of a $350 million settlementbut the deadline to file a claim is less than a week away.
The carrier agreed to the massive payout to resolve allegations its negligence led to a 2021 data breach that exposed millions of people’s personal information.
The company failed to protect sensitive consumer data, according to plaintiffs in a class action lawsuit filed last year.
“Instead, T-Mobile suffered one of the largest and most consequential data breaches in US history, compromising the sensitive personal information of over 75 million consumers,” their complaint reads.
Here’s what you need to know about the T-Mobile settlement, including how to find out if you qualify for payment, how much money you could get and the deadline to file a claim.
For more on class action suitsfind out if you qualify for Smashburger’s $5 million false-advertising payout or Avis’ $45 million hidden fee settlement.
What happened in the T-Mobile case?
On Aug. 15, 2021, T-Mobile reported that it had been the victim of a massive cyberattack.
Exactly how many customers were impacted isn’t immediately clear: T-Mobile has said that only about 850,000 people’s names, addresses and PINs were “compromised.” According to court filings, however, approximately 76.6 million people had their data exposed.
An individual selling the information on the dark web told Vice they had personal information relating to more than 100 million T-Mobile users.
John Binns, an American living in Turkey, eventually took responsibility for the breach, the fifth such attack on T-Mobile since 2015.
“I was panicking because I had access to something big,” Binns told The Wall Street Journal. “Their security is awful.”
T-Mobile has not acknowledged any wrongdoing but, in a statement shared with CNET, said that, “like every company, we are not immune to these criminal attacks.”
Who is eligible for money in the settlement?
T-Mobile has identified 76 million past and present customers in the US whose information was potentially compromised in the data breach, although the final number may be even higher.
If the $350 million settlement is approved at a final hearing on Jan 20, it will be the second-largest data breach payout in US history, following Equifax’s $700 million settlement in 2019.
Most class members were notified of the proposed settlement by mail, but you can confirm your status by emailing the settlement administrator or calling 833-512-2314.
How much money could I get from T-Mobile?
Current and former T-Mobile customers are eligible for a $25 cash payment, according to the settlement website. California residents are entitled to $100.
You can be reimbursed up to $25,000 if you had to spend time or money to recover from fraud or identity theft related to the breach, although you must submit extensive documentation supporting your claim.
T-Mobile is also offering two free years of McAfee’s ID Theft Protection Service to anyone who believes they may have been a victim of the hack and has agreed to invest $150 million in improving its data security.
A final approval hearing for the settlement has been scheduled for Jan. 20. Payments are typically sent out within 90 days of settlements being approved, although appeals could slow down the process.
How do I file a claim, and what is the deadline?
You can submit a claim via the settlement website or also mail a completed claim form to:
T-Mobile Data Breach Settlement
c/o Kroll Settlement Administration LLC
PO Box 225391
New York, NY 10150-5391
Claims must be submitted by 11:59 pm PT on Jan. 23, 2023, or be postmarked by that date
What’s T-Mobile doing to protect against future data breaches?
T-Mobile has “doubled down” on fighting hackers, the company said in its July 22 statement. It is boosting employee training, collaborating on new protocols with industry experts like Mandiant and Accenture and creating a cybersecurity office that reports directly to CEO Mike Sievert.
T-Mobile also fell prey to the hacker ring Slip$ in March 2022. Hackers accessed employee accounts and attempted to find T-Mobile accounts associated with the Department of Defense and FBI, TechCrunch reported.
They were thwarted by secondary authentication checks.
Read more: How to Protect Your Personal Data After a Security Breach