T-Mobile Data Breach Settlement — How to File a Claim (2026 Guide)

T-Mobile has been the subject of at least six major data breaches since 2018, making it one of the most breached telecom companies in US history. Each breach generated class action litigation — and most have resulted in significant settlement funds paid to affected customers.

The largest settlement — the $350 million fund from the 2021 cyberattack — covered T-Mobile customers whose data was exposed in the August 2021 breach. That settlement's claims filing window has closed. However, new T-Mobile breach litigation remains active and additional settlement funds are expected as the 2023 cases reach resolution. SettlementRadar tracks all open T-Mobile claims in real time — check the settlement cards above for currently available claims.

The August 2021 T-Mobile cyberattack was one of the largest telecom data breaches in US history. Hackers accessed T-Mobile's servers and stole personal data belonging to approximately 76.6 million US residents — including millions of people who were not even current T-Mobile customers at the time. The data exposed varied by individual but included: full legal name, Social Security numbers (SSN), driver's license numbers, date of birth, T-Mobile account PINs, phone numbers, IMEI numbers (device identifiers), and in some cases financial account information.

The most damaging element of the breach was the exposure of SSNs and driver's license numbers — the building blocks of identity theft. These credentials allow bad actors to open fraudulent credit accounts, file fake tax returns, and create fake IDs. For customers whose SSN and driver's license were both exposed, the fraud risk is significant and long-lasting.

T-Mobile initially claimed fewer than 100 customers were affected, then revised the number to 76.6 million within days as investigators uncovered the full scope. The company faced criticism for both the breach itself — which exploited an unprotected server that had been exposed to the internet — and for the delay in its disclosure and customer notification. The breach led directly to the $350 million class action settlement filed in US District Court for the Western District of Missouri.

T-Mobile agreed to a $350 million settlement in July 2022 to resolve class action litigation arising from the 2021 data breach. The settlement was one of the largest data breach class action settlements ever approved in the United States at the time. The settlement class included all current and former T-Mobile customers — including Sprint and Metro by T-Mobile customers — whose personal information was compromised in the August 2021 breach. T-Mobile also committed to spending an additional $150 million on data security improvements over 2022 and 2023, bringing the total value to $500 million.

Class members who filed claims by the deadline were eligible for: a basic tier of $25 per person (self-certification, no proof required) — capped at $100 per household; $100 for California residents who self-certified; up to $25,000 for California residents with documented extraordinary harm; and for all states, reimbursement of documented out-of-pocket losses including credit monitoring subscription costs, time spent dealing with identity theft, and actual financial losses, up to $25,000. The claims filing deadline for the 2021 settlement has now passed. Check the settlement cards above for any currently open T-Mobile claims.

You may qualify for a T-Mobile data breach settlement claim if you were a T-Mobile, Sprint, or Metro by T-Mobile customer at any point since 2018. Specifically:

- For the 2021 breach settlement (closed): You needed to have been a T-Mobile customer whose personal information was included in the August 2021 breach. T-Mobile notified affected customers by text and email, but many people never received notice or dismissed it.

- For ongoing 2023 breach litigation: If you were a T-Mobile customer during the 2023 API breach — which exposed account data for approximately 37 million customers — you may be eligible as that case reaches settlement.

- Former customers qualify too: You do not need to be a current T-Mobile customer. Former T-Mobile and Sprint customers whose data was stored in T-Mobile's systems during any covered breach period are eligible.

- No proof of identity theft required: For most T-Mobile data breach settlements, you do not need to prove that your data was actually misused by hackers. The standard is whether your data was exposed — not whether you suffered measurable harm. Simply being a customer during the breach period is typically sufficient to qualify for the basic settlement tier.

Step 1: Check the current settlement status on SettlementRadar. The 2021 settlement claims window is closed; watch for new T-Mobile settlements to open as the 2023 breach cases resolve.

Step 2: Gather your account information. Have your T-Mobile (or Sprint, or Metro by T-Mobile) account number, the phone number(s) on your account, and the email address associated with your account. This information is used to verify your eligibility and locate your account in the breach records.

Step 3: Go to the official claim form via SettlementRadar. We link directly to the official settlement administrator's website — never through third parties or sites that charge fees for what is always a free filing.

Step 4: Choose your claim tier. If you have no documentation of losses, select the basic tier. If you purchased credit monitoring or identity theft protection services because of the breach, or spent time and money dealing with identity theft, select the documented loss tier — these pay significantly more.

Step 5: Submit and save your confirmation number. Screenshot it or write it down — this is your proof of filing.

Step 6: Wait for payment distribution. The court must approve final distribution, which typically takes 6–18 months after the filing deadline. Payments are sent by check, PayPal, Venmo, or Zelle.

Pro tip: If you received a settlement notice letter or email from T-Mobile, it may contain a unique claim ID that speeds up the verification process. Use it if you have it — but you do not need it to file.

T-Mobile completed its acquisition of Sprint in April 2020, making all former Sprint customers part of T-Mobile going forward. Metro by T-Mobile (formerly MetroPCS) is T-Mobile's prepaid brand. For settlement purposes, all three brands are typically covered under T-Mobile umbrella settlements.

If you had service with Sprint before April 2020 and your data was transferred to T-Mobile's systems, you qualify as a class member for any post-merger T-Mobile settlement. If you're a Metro by T-Mobile prepaid customer, you are also covered — the 2021 breach affected both postpaid and prepaid customer databases.

If you're unsure which brand you used or when, check your old emails for billing confirmations: Sprint bills came from sprint.com; T-Mobile bills from t-mobile.com; Metro bills from metrobyt-mobile.com. Any of these qualify you as a class member for the relevant settlement periods.

The $350 million T-Mobile 2021 settlement fund distributed payments as follows: $25 per person for basic self-certification claims (no documentation required); $100 for California residents who self-certified; up to $25,000 for class members with documented out-of-pocket losses caused by the breach; and up to $25,000 for California residents with extraordinary harm documentation.

The actual per-person payouts for basic claimants were sometimes lower than $25 due to the high volume of valid claims submitted — total claim volume significantly exceeded the amount set aside for basic tier. This is a common outcome in large data breach settlements with millions of eligible class members. For future T-Mobile settlements from the 2023 breaches, payout amounts will depend on the settlement fund size and total claim volume.

One key lesson from the 2021 settlement: if you have any documentation of costs caused by a T-Mobile breach — credit monitoring subscription receipts, identity theft protection bills, time records dealing with fraudulent accounts — file the documented loss tier. Basic-tier payouts can be diluted by high claim volumes; documented loss tier payouts are based on your actual costs and consistently pay 5–50 times more.