In the summer of 2021 I reported to you about a data breach at T-Mobile in which personal information of 54.6 million customers, former customers and prospective customers was stolen. The compromised information includes names, phone numbers, Social Security numbers and addresses.  This type of information poses a tremendous threat to victims of the data breach, which is the sixth for T-Mobile in the last four years.  Social Security numbers in particular can be used by identity thieves to apply for credit cards and loans in your name.  In addition, the phone numbers and the fact that the victims of the data breach are known to be T-Mobile customers can be expected to be used by scammers to create phony phishing text messages, called smishing, posing as T-Mobile and luring the targeted victim into clicking on a link in the text message that can download destructive malware.

Now T-Mobile has settled a class action brought against it by victims of the data breach.  According to the terms of the settlement, the company will pay $350 million dollars to settle the claims of the victims and spend an additional $150 million dollars to improve its cybersecurity.  Typical in such settlements, T-Mobile did not admit any negligence or wrong doing, however, anytime a company pays a half a billion dollars to resolve a claim, it can be pretty much understood that it is an admission of liability even if not said so in so many words.


It has not yet been determined exactly how much individual members of the class will receive from the settlement although the settlement agreement does indicate that individual payments will not exceed $2,500.  Far more likely are settlement checks of as little as $25 although individuals who suffered identity theft as a result of the data breach could receive a significant payment.  As more details become known, I will report them to you.

But regardless of the settlement, what should you do if you are a T-Mobile customer who may be affected by this data breach.  Perhaps the first thing you should do is something you should have already done, but as the Chinese proverb says, “the best time to plant a tree is twenty years ago, the second best time is now.”  Freeze your credit at each of the three major credit reporting bureaus.

Here are links to each of them with instructions about how to get a credit freeze:
You also should change your T-Mobile password and security PIN as soon as possible.
Finally, you should be particularly cognizant of not clicking on links in text messages (and emails as well) unless you have absolutely confirmed that the text message or email is legitimate.  Scammers may well send you emails with malware infected links that appear to relate to the data breach and settlement.

If you are not a subscriber to and would like to receive free daily emails with the Scam of the day, you can sign up using this link.