A long-term T-Mobile stockholder launched a derivative suit against the telecom giant’s current board of directors, alleging they misled investors about the company’s protection of consumer data and failed to take substantial steps to prevent a massive data breach that occurred in August.
Harold Litwin filed his complaint in Washington state federal court on Monday. The complaint names most of T-Mobile’s current board of directors, including T-Mobile President and CEO G. Michael Sievert.
Litwin brings claims of violations of the Securities Exchange Act, breaches of fiduciary duty, and waste of corporate assets.
According to the complaint, T-Mobile has been frequently targeted and exploited by hackers since 2015. Because the wireless company stores the personal information of millions of its customers, it is a high-value target for bad actors, the complaint states.
Litwin claims the board members were aware of the risks posed to the company and stated the risks in numerous public filings with the U.S. Securities and Exchange Commission but never took steps to mitigate the threats, despite assuring investors otherwise.
“The individual defendants … were long aware of red flags demonstrating that the company did not have an effective system of internal controls to ensure the safety and security of customers’ personal identifying information in the face of this threat,” the complaint states.
The complaint details numerous hacks T-Mobile experienced since 2015, but the allegations stem from the most recent attack the company experienced in August in which more than 50 million customers’ personal information was exposed to bad actors who were able to access customer records and credit applications that included names, dates of birth and Social Security and phone numbers.
T-Mobile publicly confirmed the attack after reports that massive amounts of its data had surfaced for sale on the dark web.
Around 7.8 million current postpaid customers had the maximum exposure, which included compromised Social Security and driver’s license numbers. Another 5.3 million existing customers had some of their information compromised, but not Social Security or driver’s license numbers, according to T-Mobile.
Harold Litwin is represented by Miles A. Yanick of Yanick Law & Dispute Resolution PLLC and David C. Katz, Mark D. Smilow, and Joshua M. Rubin of WeissLaw LLP.
The case is Litwin v. Sievert et al, case number 2:21-cv-01599, in the U.S. District Court for the Western District of Washington.