With the increase in data breaches and other cyber security incidents, federal contractors must ensure complete compliance with required cybersecurity standards or run the risk of facing steep consequences—including possible violations of the False Claims Act (FCA). Verizon Business Network Services LLC (Verizon), of Ashburn, Virginia, recently learned about the impact following allegations that it failed to completely satisfy cybersecurity controls when providing information technology services to federal agencies.
Verizon has agreed to pay $4,091,317 to satisfy allegations of violating the FCA by failing to comply “with all Critical Capabilities specified in the applicable version of the Department of Homeland Security’s TIC Reference Architecture Document,” according to the settlement. Verizon has a contract with General Services Administration (GSA) to provide Managed Trusted Internet Protocol Service (MTIPS), which is designed to provide federal agencies with secure internet connections. According to the DOJ, Verizon disclosed that it did not completely satisfy required cybersecurity controls from October 1, 2017 to August 31, 2021. In addition to the self-disclosure, Verizon took significant steps to remedy their non-compliance. Pursuant to Justice Manual § 4-4.112, which takes into account disclosure, cooperation, and remediation in FCA case, Verizon received a credit for its handling of this matter. The Justice Manual contains publicly available Department of Justice (DOJ) policies and procedures.
After this settlement was announced, Deputy Assistant Attorney General Michael Granston of the Civil Division’s Commercial Litigation Branch discussed the importance of following cybersecurity standards and noted that the government “[…]will continue to pursue knowing cybersecurity related violations under the Department’s Civil Cyber-Fraud Initiative and to provide credit in settlements to government contractors that disclose misconduct, cooperate with pending investigations and take remedial measures, all of which are critically important to protecting the nation against cyber threats.”
The attorneys at Chilivis Grubman represent clients of all types and sizes in connection to cyber security incidents and false claim act investigations. If you need assistance with such a matter, please contact us today.