T-Mobile was fined $60 million by the Committee on Foreign Investment in the US (CFIUS) for negligence surrounding data breaches, reports
Reuters. CFIUS penalized T-Mobile for failing to prevent or disclose unauthorized access to sensitive customer data.
When T-Mobile merged with Sprint, it signed a national security agreement with CFIUS, which is what led to the fine earlier this year. T-Mobile is owned by German company Deutsche Telekom, and T-Mobile agreed to protect consumer data as part of the Sprint acquisition.
Back in 2021, T-Mobile suffered a major breach that impacted over 100 million of its users, just a year after it acquired Sprint.
CFIUS does not typically name the companies that it fines, but T-Mobile has been called out in an effort to push companies to comply with national security rules associated with acquisitions.T-Mobile told
Reuters that it experienced technical issues when integrating with Sprint, which affected information from "a small number of law enforcement information requests." T-Mobile claims to have swiftly dealt with the issue and reported it "in a timely manner."
CFIUS said that T-Mobile's lack of timely reporting prevented CFIUS from investigating and mitigating potential harm to U.S. national security.
Article Link:
United States Fines T-Mobile $60 Million for Failing to Prevent Unauthorized Access to Sensitive Customer Data