T-Mobile US was hit with class action lawsuits in connection to a recent cyberattack which affected 37 million users, with two plaintiffs claiming the company was negligent in protecting customers.

In a court filing with the US district court in Florida, plaintiff Christine Cortazal brought forward the complaint for damages from the US operator, leading the charge on behalf of all affected customers.

Cortazal argued T-Mobile failed “to exercise reasonable care in securing sensitive personal information”. She is seeking compensation for herself and any persons “similarly” impacted.

An almost identical lawsuit was filed by Jennifer Baughman in a court in California.

Attack
T-Mobile last week issued details of a cyberattack which commenced in November 2022 and which the operator first identified on 5 January.

The company claimed it had stopped the attack within 24 hours of first identifying it, but acknowledged data including user’s names, billing addresses, phone numbers, date of births and account information had been compromised.

In a filing with the Securities and Exchange Commission, T-Mobile acknowledged it would likely face significant expenses as a result.

The operator agreed to pay $350 million to settle a lawsuit in 2022, following a breach affecting more than 100 million users.