Washington state has filed a lawsuit against T-Mobile, accusing the company of failing to address long-standing cybersecurity vulnerabilities that led to a massive data breach in 2021, exposing the personal information of 79 million people across the U.S. The lawsuit, initiated by Washington Attorney General Bob Ferguson, alleges that T-Mobile neglected to take necessary steps to secure its systems, despite being aware of these vulnerabilities \"for years.\"

The breach, which began in March 2021 but wasn’t disclosed by T-Mobile until August of the same year, compromised sensitive information such as names, phone numbers, addresses, dates of birth. Over two million Washington residents were among those affected. The lawsuit alleges that T-Mobile's response to the breach violated state consumer privacy laws by providing reviews that were missing important details and prevented customers from effectively assessing their risk of identity theft and fraud. Moreover, the filing claims T-Mobile failed to meet basic cybersecurity standards for years, including using weak passwords to protect accounts with access to sensitive consumer data.

This isn't Ferguson's first legal battle with T-Mobile. In 2013, his office successfully forced the company to clarify the limits of its "no-contract" wireless plans. At present, in the last trial, people who have dealt with 2021 violations need to be compensated, and to attract T-mobile to attract T-Mobile to improve cyber security practice, and associate it with future data violations. It is necessary to make a court decision to improve transparency.

T-mobile has already encountered the result of copyright infringement in 2021. The company agreed to pay $350 million in 2022 to settle a class-action lawsuit and was hit with an additional $15.75 million in fines following an FCC investigation into repeated cybersecurity failings. The new lawsuit could further increase pressure on T-Mobile to strengthen its data protection measures.