Washington State is suing T-Mobile again over a 2021 data breach that exposed the sensitive information of more than 79 million people. Edge reports. lawsuit The filing Monday alleges that T-Mobile has been aware of various security loopholes in its systems for years but failed to take action. As a result, the hacker managed T-Mobile hack in March 2021 and went undetected until August of that year, when an “anonymous cybersecurity threat intelligence firm” told T-Mobile what was happening.
In addition to alleging that T-Mobile knew about these flaws and did not take adequate action to correct them, Washington State Attorney General Bob Ferguson also alleges that T-Mobile's notices to customers affected by the hack were inadequate and misleading. The text messages were brief and did not reveal the full extent of the hack, only telling customers that debit and credit card information had not been compromised, but did not mention their Social Security numbers or other personal information had been compromised.
Two million Washingtonians were victims of the hack. The information from T-Mobile's databases later ended up on the dark web and was sold to the highest bidder. T-Mobile is even supposedly hired a third party buy exclusive access to data.
In many ways, this isn't T-Mobile's first rodeo. The company was already sued A.G. Ferguson more than ten years ago regarding “deceptive” advertising. It has also become a hacking target since 2021, or more precisely since 2024.”Salt Typhoonattacks on commercial telecommunications companies. T-Mobile says its systems and data were not significantly affected.