T-Mobile’s statement is contradictory to the committee’s findings. Credit: Shutterstock

T-Mobile has been fined $60m for failing to prevent and report unauthorised access to sensitive data according to senior US officials.

The T-Mobile fine comes from the Committee on Foreign Investment in the US (CFIUS), a body formed to scrutinise foreign investment for national security risks and is its largest penalty issued to date.

Go deeper with GlobalData

Data Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

US officials said: “The $60m penalty announcement highlights the commitment to ramping up CFIUS enforcement by holding companies accountable when they fail to comply with their obligations.”

CFIUS is an inter-agency committee in the US government which tightened its regulations in April of this year, marking the first substantive update to its mitigation and enforcement provisions since 2018.

The penalty is tied to violations of a mitigation agreement that German-controlled T-Mobile signed with the panel as part of its $23bn acquisition of US-based Sprint Corp in 2020.

Unauthorised access to sensitive data in this case occurred between 2020 and 2021 during T-Mobile’s post-merger integration with Sprint Corp.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

A statement by T-Mobile said the company experienced technical issues that affected “information shared from a small number of law enforcement information requests.” It stressed that the data never left the law enforcement community, was reported “in a timely manner” and was “quickly addressed.”

T-Mobile’s failure to report the incidents promptly resulted in a delay by CFIUS to investigate and mitigate any potential harm to US national security, they added, without providing further details.

The committee has issued six penalties in the last 18 months, triple the number it levied between 1975 and 2022, officials told reporters, noting that penalties range from $100,000 to $60m.

In an unprecedented decision, the committee has decided to announce the fine publicly.

Awarding such a significant fine demonstrates that the committee is taking a more robust approach to enforcement as it seeks to deter future violations.