T-Mobile is facing its largest penalty to date — a $60 million fine — for failing to prevent and report unauthorized access to sensitive data, according to a Reuters report.
The fine, imposed by the Committee on Foreign Investment in the U.S. (CFIUS), is connected to breaches of a mitigation agreement that T-Mobile, which is controlled by Germany’s Deutsche Telekom, signed with CFIUS as part of its $23 billion acquisition of Sprint in 2020.
CFIUS, responsible for overseeing foreign investments for national security risks, found that T-Mobile faced unauthorized data access incidents in 2020 and 2021.
T-Mobile stated that the incidents were due to technical issues during its post-merger integration with Sprint, affecting information shared from a small number of law enforcement requests. The company emphasized that the data remained within the law enforcement community, was promptly reported, and swiftly addressed.
This fine is part of a broader trend, as CFIUS has issued six penalties in the last 18 months, a significant increase compared to previous years. The fines imposed range from $100,000 to $60 million, with T-Mobile’s case being the most substantial. The company’s delay in reporting the incidents hindered CFIUS’ ability to investigate and mitigate potential threats to U.S. national security.
