To end a legal dispute over a hack last year that exposed data belonging to an estimated 76.6 million customers, T-Mobile US Inc. agreed on Friday to pay $350 million and invest an extra $150 million in data security upgrades. The federal court in Kansas City, Missouri, received the preliminary settlement. The second-largest U.S. wireless carrier said the judge’s permission, which is necessary, may come by December.
T-Mobile expressly refuted allegations that it had violated its obligations to protect customers’ private information and lacked proper data security.
A $400 million pre-tax charge for the settlement is anticipated by the Bellevue, Washington-based business in the second quarter of this year. It said that it had planned on taking the charge and spending $150 million in past financial forecasts.
Last August, T-Mobile made the data breach public, stating that it had impacted more than 47 million current, past, and potential customers.
The amount quickly exceeded 50 million, and T-Mobile reported in November that an additional 26 million users had their personal information accessible as a result of the investigation.
According to T-Mobile, the data contained names, addresses, birth dates, information from driver’s licenses, and Social Security numbers.
The countrywide case involving at least 44 potential class-action lawsuits was settled on Friday.
According to settlement documents, class members may get cash payouts of $25 or $100 in California, and some may earn as much as $25,000 to compensate out-of-pocket expenses. Additionally, they will get two years of identity theft insurance.
The Wall Street Journal reported last August that John Binns, a 21-year-old American who had migrated to Turkey a few years previously, admitted responsibility for the attack and said he breached T-security Mobile’s after discovering an unencrypted router online. According to the settlement agreements, the plaintiffs’ attorneys may ask for up to $105 million, or 30% of the compensation, as their costs.