Whistleblower Who Reported Confirmed Consumer Data Violations Within T-Mobile for Business, Fired by the Executives He Reported.

T-Mobile accessed a whistleblower’s personal cell phone account to identify him as an anonymous Reddit poster.

10 min read2 days ago

–

Press enter or click to view image in full size

Bring your Kid to Work Day at T-Mobile

I worked as an Account Executive for T-Mobile for Business (TFB). I enjoyed my job and I was proud of where I worked, so proud that I paid my own way to bring my son to New York City for Bring Your Kids To Work Day.

Despite enjoying the job, my colleagues Stephanie and Paul (aliases to protect one current employee and another who wishes not to be identified) and I dealt with workplace issues that became more frequent and larger in scale as time went on.We put our trust in T-Mobile’s “Speak Up” policy. A policy that states that retaliation and bad faith reporting will not be tolerated.

Press enter or click to view image in full size

Our reporting covered three categories of misconduct:

1. Sales Data Fraud: We detailed a coordinated scheme involving duplicate account creation and data manipulation to improperly reclassify deals and inflate the sales performance metrics of the Mid-Market segment. A key growth segment touted to investors weeks prior to the fraud beginning.
2. Customer Data Violations: We reported the mandatory, unauthorized use of WhatsApp for all business communications, including sharing sensitive customer account information, specifically to “avoid corporate oversight” and circumvent compliance measures. You will read the full details below.
3. **Hostile Work Environment: **We documented a pattern of unprofessional, harassing conduct by our Senior Manager including calling our teammate “the fat Drew Carey” in a large audience, telling a female employee that his curtains match his drapes, and mocking people with disabilities and the compulsory weight-loss group. He also created a mandatory weight loss group where we were pressured to post pictures of our feet on the scale multiple times per week.

We were whistleblowers. That’s not a nickname I created for myself. T-Mobile Senior Corporate Counsel Janet Foster gave it to me in our first meeting: “We do have a robust Speak Up policy, and we protect whistleblowers like yourself from retaliation. My priority is making sure you’re protected.”

The good news is I am down to 190 pounds now

Cover Up, For Speaking Up

During the investigation, I spoke with Ted Dunagan, the Sales Operations Investigator handling the case. Ted confirmed my observations were correct and told me he had reviewed the findings with Director Mohamad Hamdan, walking leadership through the data and the correct procedures. Then he warned me:

“There were some, I have to be careful, Chris, but there was one or two comments Mo made that I found interesting. If you’re not pleased with the outcome from Mo, take it to the integrity line. I’ve seen cases where leadership didn’t resolve an issue, but when it got escalated to the ethics hotline, it was handled.”

Three days later, Vice President Michelle Wolloff called to tell me no violations occurred, Director Mohamad Hamdan echoed her statement later that day. As Ted suspected, they lied and covered it up.

Reporting T-Mobile Leadership

On December 5–6 I reported Wolloff and Hamdan to employee relations and Senior Coporate Investigator Jon Collins. On December 12, 2025 I submitted the formal complaint to the integrity line.

***Christopher Callahan: ***They’re telling me that the ROE investigation yielded no wrongdoing, no violations, and that’s not what the report says, according to the person who created the report… they’re trying to bury this, and it shouldn’t be buried because they’re not being truthful.

***Christopher Callahan: ***I strongly believe — borderline know — is being covered up by Mo, at the very least. I can’t say for sure about Michelle, but she seems to be backing Mo up. So my trust level is really low right now, which is why I’m trying to cover my bases.

***Jon Collins: ***Again, just to reiterate, you’re aware there are whistleblower protections in place, right? So nobody is trying to come after you, Chris, for bringing this issue to our attention.

They spoke of these whistleblower protections but did nothing to act on whistleblower protections.

Termination

On February 27, 2025, I had my wrap-up call about the investigation into leadership. Two hours later, both Paul and I were fired by Mohamad Hamdan with Michelle Wolloff’s approval.

Every person who played a role in our termination was an individual we had reported and who was under active investigation because of our complaints. The reason behind the termination is so sinister and corrupt that it needs its own article.

The focus of this article will be to overview T-Mobiles retalitory access to my personal cell phone account post termination, the multiple data breaches I reported and the failed investigation.

Access to My Personal Cell Phone Account

Note: The information has been verified through multiple sources. I have extensive recordings and documentation from T-Mobile Customer Care and Care Leadership to support all claims.

In May I went into the T-Mobile store for the first time post termination, the associate immediately informed me that my account was “under investigation” and confirmed the access dates of March 27 and April 3, 2025.

Afterwards, I reached out to T-Mobile’s Social Executive Team via X looking for answers. They admitted that the access did occur and that Senior Corporate Counsel was involved. They claimed it happened because I had sent “letters” to Mike Katz, T-Mobile’s President of Marketing. In reality, I had sent a single LinkedIn message during T-Mobile’s post-termination review. Katz immediately blocked me.

Press enter or click to view image in full size

Direct Message from T-Mobile Executive Social Team

The explanation didn’t make sense. The access came weeks after my message to Katz, and even if my message hadn’t been polite, that doesn’t justify accessing my personal cell phone account.

Then I noticed something. March 27, 2025, was the same day that an article titled “Nightmare T-Mobile Manager Forces Employees to Participate in Weight Loss Group” was published. The article summarized an anonymous Reddit post I had written about my manager, who pressured us to post photos of our feet on a scale. In response, T-Mobile released the following statement:

Press enter or click to view image in full size

T-Mobile Statement Regarding my Reddit Post on March 27, 2025

So how did T-Mobile know the author was a “former employee”? They accessed my personal cellular account. I have two separate sources who confirmed it.

Then on April 3, T-Mobile blocked my family’s access to customer service and my access to MYHR. They later called it an “inadvertent error.” This “error” repeated when I made another Reddit post in September, my social support access was blocked within days.

The Executive Response Team has refused to answer questions, referring all inquiries to T-Mobile’s outside legal counsel, who has declined to engage.

T-Mobile took extraordinary and illegal action in response to a public Reddit post. What follows is the story of their inaction in response to my whistleblower report on systemic customer data violations.

Mandated Use of WhatsApp

Note: The following was sent to Chief Compliance Officer David Werblow and his compliance team.

My internal reporting on data compliance began with the mandated use of WhatsApp. Our Senior Manager mandated that our team to use the unmonitored, personal messaging app for all team communications to “keep the eyes in the sky off of us” and avoid T-Mobile’s internal platforms.

On November 18, 2024, I submitted a formal compliance report detailing this practice to Chief Compliance Officer David Werblow.

Email to Chief Compliance Officer David Werblow

In my first meeting with Senior Corporate Investigator Jon Collins, I explained that sensitive customer and company data was being shared , and former employees walked away with complete chat histories.

Collins discussed safe ways to extract the data, stating a need “to make sure we’re protecting customer information.” Senior Corporate Counsel Janet Foster explained why proper collection mattered:

“It’s also just clean to have kind of an independent or neutral person pull the data, versus you kind of forwarding it to us, just to avoid anyone saying, oh, Chris didn’t give us everything.”

Press enter or click to view image in full size

From T-Mobile Code of Business Conduct

But T-Mobile never properly collected the data. They had me download WhatsApp on my computer. It failed. Then they had me send screenshots with no scope defined. This contradicted what both Collins and Foster had said about proper collection.

Press enter or click to view image in full size

E-Mail from Corporate Investigator Jon Collins

For 57 days, from November 18, 2024 to January 17, 2025 T-Mobile did nothing to secure or remove years of customer data from personal devices. The 2024 FCC decree requires that T-Mobile “take Reasonable steps to log and monitor in real time activities on the T-Mobile Network”.

During those 57 days, T-Mobile had the opportunity to extract the data, audit what had been exposed, and secure the breach. They did none of this. Instead, on January 17, T-Mobile’s “remediation” was removing employees from WhatsApp groups and sending a vague email from VP Michelle Wolloff about proper business communications.

The violation was never contained. Years of unsecured customer data remain on personal devices today. T-Mobile has no record of what customer information was shared, who saw it, or where it went.

I don’t know if they ever analyzed the two-plus years of transcripts. If they did, they likely extracted it from the people I reported the same people who violated the decree in the first place.

Sharing Customer Data with External Partners

The WhatsApp issue wasn’t the only violation we reported. The problem extended to a widespread practice: leadership requiring us to send sensitive customer account lists to third-party partners. These lists included detailed account information who the most active users were, their spending, and other data partners could use to target specific people at these companies.

A message from Channel Partner Manager Tania in the WhatsApp group shows how casual this process was. She was actively coordinating a prospecting campaign with an external partner, Blue Mantis. She instructed the sales team to “send your whole list” of accounts so this third party could begin “prospecting the accounts for you.” The directive came with an urgent one-hour deadline.

Message from Channel Partner Manager

I asked Corporate Investigator Jon Collins if this was allowed. He stated:

If we’re just blindly sending a truckload of customers over to them to say, ‘hey, what can you do with all this,’ that’s probably something we should not be doing. You’re essentially sharing customer information that our customers [are] not giving us permission to share.

I confirmed to Collins that this was precisely what was happening.

This confirmation from compliance put me in an impossible position just two weeks later. My manager and Director, Mo Hamdan, requested that I send my entire account list covering hundreds of companies and thousands of customers to a partner. I avoided sending the list for as long as I could. Eventually, Hamdan put a meeting on my calendar to discuss why I hadn’t complied.

I reached out to Collins and Legal Counsel Janet Foster for guidance. Despite Foster’s earlier promise to “protect whistleblowers like yourself from retaliation,” neither offered support. They stated it was an “active investigation” and couldn’t comment. I was left to face the people I had reported, with no backing from the compliance or legal teams who had assured me I was protected.

Press enter or click to view image in full size

Message to T-Mobile Councel Janet Foster

In the meeting, Hamdan demanded to know why I hadn’t sent the list. I told him I had spoken to the investigation team about a compliance matter and was waiting for their answer.

He wasn’t thrilled with my response:

Let me be very, very direct and clear. The accounts that are in your name are not yours. They belong to T-Mobile. If T-Mobile wants to work with a partner, leave it on us to figure out what’s compliant and not. But when we ask you to give us a list of things that we want to work with a partner on, please do me a favor and just follow through with what we need.

He then demanded to know who I spoke with and conceded that all of T-Mobile for Business would be doing something wrong if this practice wasn’t allowed. This conversation occurred a month after Collins confirmed the practice wasn’t allowed. Either leadership was knowingly continuing a non-compliant practice, or Hamdan was never notified about the violation.

Think of the position I was in. My boss’s boss was demanding I participate in the compliance violation I had reported him for, while the investigation was active. Two months later, Director Mohamed Hamdan fired me.

Whats Next

What you just read is only the beginning. Coming next, I will show the full scope of the sales fraud I reported. I will also expose the real reason VP Michelle Wolloff lied about the investigation results, the retaliation we faced, the toxic “boys’ club” culture they ignored, and the fabricated firing they engineered.

Support

This is not a fun situation to be in. It has impacted my life in so many ways. Me and my colleagues did the right thing; the people involved did the wrong thing, lots of wrong things.T-Mobile is aware of this and has refused to even meet with me.

I am representing myself pro se in a Sarbanes-Oxley (SOX) whistleblower case against T-Mobile, which is pending before an Administrative Law Judge.

Simply reading this is more than enough support, and I thank you for your time. However, if you’re in the position to offer additional support, I could sure use it. Whether you can offer pro bono legal expertise, share this story, or donate to my GoFundMe, any support will make a difference.

If you are a member of the press, an attorney, or someone who can offer support in any way, please reach out to me directly at christopherwcallahan@outlook.com.