Aerojet Rocketdyne, Inc. (“Aerojet”), an aerospace and defense company headquartered in California, agreed to pay $9 million to resolve allegations that it misrepresented its compliance with cybersecurity requirements in violation of the False Claims Act (“FCA”). This matter was initiated by Brian Markus, Aerojet’s former Senior Director of Cyber Security, Compliance, and Controls, under the qui tam whistleblower provisions of the FCA.

Aerojet manufactures products used in the aerospace and defense industry, and their primary customers include the Department of Defense (“DoD”) and the National Aeronautics & Space Administration (“NASA”). Both the DoD and NASA impose specific regulations, along with Federal Acquisition Regulations, with which their contractors must comply. Contractors awarded contracts from the DoD must comply with  48 C.F.R. § 252.204-7012 (2013), or pre-approved alternative measures, to ensure their contractors have “protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information.” 48 C.F.R. § 252.204–7012(a). Contractors awarded contracts from NASA must comply with 48 C.F.R. § 1852.204-76. According to the Relator, Aerojet entered into several federal government contracts with knowledge that their systems did not meet minimum-security standards.

Aerojet agreed to enter a $9 million settlement on the second day of trial, and the Relator will receive a settlement share of $2.61 million. This settlement is another signal of the Civil Cyber-Fraud Initiative and its dedication to pursue government contractors who do not follow required cybersecurity standards. The Civil Cyber-Fraud Initiative was announced in October 2021 and pledged to use the FCA to pursue cybersecurity related fraud. Deputy Attorney General Monaco specifically commented that they we will use “[…] civil enforcement tools to pursue companies, those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards — because we know that puts all of us at risk. This is a tool that we have to ensure that taxpayer dollars are used appropriately and guard the public fisc and public trust.”

The attorneys at Chilivis Grubman represent clients of all types and sizes in connection to False Claims Act litigation, government investigations, and cybersecurity fraud investigations. If you need assistance with such a matter, please contact us today.