In the summer of 2021 I reported to you about a data breach at T-Mobile in which personal information of 54.6 million customers, former customers and prospective customers was stolen. The compromised information included names, phone numbers, Social Security numbers and addresses.  This type of information poses a tremendous threat to victims of the data breach, which was the sixth for T-Mobile in the last four years.  Social Security numbers in particular can be used by identity thieves to apply for credit cards and loans in your name.

Last July T-Mobile settled a class action brought against it by victims of the data breach.  According to the terms of the settlement, the company will pay $350 million dollars to settle the claims of the victims and spend an additional $150 million dollars to improve its cybersecurity.  If you were a victim of this data breach, the deadline for filing a claim to receive payment through the class action settlement is tomorrow, January 23rd so if you haven’t filed yet, you should do so immediately.  Here is the link to submit a claim online.

Now, however, T- Mobile revealed in federal filings that it had suffered yet another massive data breach affecting 37 million of its customers.  This time while no Social Security numbers were compromised, the stolen information did include the names, billing addresses, email addresses, phone numbers, birth dates, T-Mobile account numbers and information about the specific plans of the affected customers. All of this information can be used to tailor spear phishing emails and text messages that threaten the security of the victims of the data breach.


But regardless of the settlement, what should you do if you are a T-Mobile customer who may be affected by this latest data breach.  Perhaps the first thing you should do is something you should have already done, but as the Chinese proverb says, “the best time to plant a tree is twenty years ago, the second best time is now.”  Freeze your credit at each of the three major credit reporting bureaus.

Here are links to each of them with instructions about how to get a credit freeze:
You also should change your T-Mobile password and security PIN as soon as possible.
Finally, you should be particularly cognizant of not clicking on links in text messages and emails unless you have absolutely confirmed that the text message or email is legitimate.  Scammers may well send you emails with malware infected links that appear to relate to the data breach.

If you are not a subscriber to and would like to receive free daily emails with the Scam of the day, you can sign up using this link.