Enlarge image
Branch of T-Mobile US: A technically simple hack, the alleged perpetrator claimed
Photo: Christoph Dernbach/dpa
Last year, the American Telekom subsidiary T-Mobile US became the victim of a hacker attack. The perpetrator or perpetrators were able to copy data from 76.6 million US residents.
The company now wants to settle the complaints of those affected with a payment totaling half a billion dollars.
According to the agreement published at the weekend, 350 million dollars (343 million euros) are to flow into a fund for suing US customers.
A further 150 million dollars are to be spent this year and next to improve IT security.
Appeal procedures could cause delays
The stolen user data included names, addresses, social security numbers and telephone numbers.
As is usual in such cases, the agreement expressly states that it does not constitute an admission of guilt by T-Mobile US.
After the attack, T-Mobile US was accused of insufficient protection of user data in class action lawsuits.
Several dozen lawsuits were bundled in Missouri.
The deal still has to be approved by a Missouri judge.
According to the company, this could happen in December.
Appeal procedures could still cause delays, it said.
According to the Wall Street Journal, the attack was carried out by an American who then offered the data for sale in a forum for six bitcoins – at the time the equivalent of $270,000 – and made fun of what he saw as lax security measures at T-Mobile US .
In a chat with journalists from the newspaper, he described the hack as simple: With the help of freely available software, he came across a router that was not secured from the outside and from there gained access to other computers, databases and in the course of this also access data that it would have enabled him to access more than a hundred servers.
pbe/dpa