The preliminary settlement has been filed in federal court in Kansas City, Missouri.
It requires the approval of a judge, which, according to the second American mobile operator, could intervene by December.
T-Mobile has specifically denied any wrongdoing, including accusations that it failed in its duty to protect customers’ personal information and had inadequate data security.
The Bellevue, Wash.-based company expects a pre-tax charge of about $400 million in the second quarter of this year for the settlement. It said it considered that charge and $150 million in expenses in its previous financial forecast.
T-Mobile disclosed the data breach last August, saying at the time that it affected more than 47 million current, former and potential customers.
That number soon rose to 50 million, and T-Mobile said in November that its investigation found that 26 million more people had accessed their personal information.
T-Mobile said the information included names, addresses, dates of birth, driver’s license data and Social Security numbers.
Friday’s settlement covers a nationwide litigation combining at least 44 proposed class actions.
Class members can receive cash payments of $25, or $100 in California, and some could receive up to $25,000 to cover their losses, according to the settlement documents. They will also receive two years of identity theft protection.
John Binns, a 21-year-old American who had moved to Turkey a few years earlier, took responsibility for the hack, saying he broke through T-Mobile’s defenses after finding an unprotected router on the internet, according to the Wall Bourse Journal in August. last.
Plaintiffs’ attorneys can seek fees of up to 30%, or $105 million, of the settlement, according to the settlement documents.