The Annual Insuring Cannabis Summit starts in 2 days! Get Your Free Ticket

Verizon Pays $4M to Settle Federal Cybersecurity Claims But Admits No Liability

September 6, 2023

Verizon Business Network Services of Ashburn, Virginia, has agreed to pay $4,091,317 to resolve False Claims Act allegations that it failed to completely satisfy certain cybersecurity controls in an information technology service it provided to federal agencies.

The settlement with the Department of Justice (DOJ) does not include any determination of liability. Also, in connection with the settlement, the DOJ acknowledged that Verizon “took a number of significant steps entitling it to credit for cooperating with the government.”

“When government contractors fail to follow required cybersecurity standards, they may jeopardize the security of sensitive government information and information systems,” said Deputy Assistant Attorney General Michael Granston of the civil division’s commercial litigation branch.

He said that when the department pursues cybersecurity related violations it is willing to provide credit in settlements to government contractors that disclose misconduct, cooperate with pending investigations and take remedial measures as Verizon did.

This settlement relates to Verizon’s Managed Trusted Internet Protocol Service (MTIPS), which provides federal agencies with secure connections to the public internet and other external networks. The settlement resolves allegations that Verizon’s MTIPS solution did not completely satisfy three required cybersecurity controls with respect to General Services Administration (GSA) contracts from 2017 to 2021.

After learning of the issues, Verizon provided the government with a written self-disclosure, initiated an independent investigation and compliance review of the issues and provided the government with multiple detailed supplemental written disclosures. Verizon cooperated with the government’s investigation of the issues and took substantial remedial measures, according to the settlement.

“The United States should get the cybersecurity controls that it contracts and pays for to safeguard against cyber threats that could compromise critical information and systems,” said Acting Inspector General Robert C. Erickson of the GSA.

Source: Department of Justice

Topics Cyber Claims

Was this article valuable?

Here are more articles you may enjoy.