Search Site

Companies Must Be Careful About How They Handle Potential Cybersecurity Whistleblowers

Recent guidance from the U.S. Securities and Exchange Commission (SEC), as well as cases involving the agency and a Supreme Court ruling on whistleblower protections, have shown just how seriously the SEC takes cybersecurity. Now, the onus is on companies across the nation to treat potential cybersecurity whistleblowers properly.

In one recent case the SEC fined Altaba Inc., previously known as Yahoo Inc., $35 million for the way it improperly handled a 2014 data breach. The case marked the first time ever the SEC penalized the victim of a breach.

Whistleblower law experts say the case, as well as the guidance issued by the SEC in February, will both serve to incentivize people within agencies and organizations to step forward and disclose any information they have about cybersecurity issues, especially those that can compromise the personal information of employees and customers. In these cases, the SEC is essentially saying to these companies, “This is an issue you have to take seriously.”

Nothing is technically new

The SEC has emphasized the importance of cybersecurity for years, though there has certainly been some renewed vigor with this emphasis this year. In 2011, the SEC issued guidance that said while no rules explicitly addressed disclosures related to cybersecurity, there are more general requirements that oblige firms to release information. Companies began telling investors more about the potential dangers they faced from hackers, but that risk has grown as technology has evolved, prompting the SEC to push once again the importance of cybersecurity.

With recent events, whistleblowers have more reason to believe that by informing authorities about cybersecurity problems or companies’ failure to disclose them, they are reporting a securities law violation, which means they could potentially earn money for providing these tips.

To learn more about issues related to cybersecurity and securities laws, work with an experienced Dallas whistleblower attorney at Kardell Law Group.

Awards & Honors
Our Office
  • Dallas Office
    4514 Cole Ave
    Dallas, Texas 75205
    Phone: 214-306-8045
    Fax: 469-729-9926
As Seen In
In his new book, "Standing Up to China: How a Whistleblower Risked Everything for His Country," former client & Author, Ashley Yablon, quotes Attorney Steve Kardell about Whistelblower Law.
  • "Steve Kardell was terrific in representing me in some very adversarial discussions with Citigroup and also later represented me in my testimony before the Financial Crisis Inquiry Commission."  -Richard Bowen, Citigroup Whistleblower

  • "Incredible knowledge of employee related concerns and equally brilliant knowledge of health care regulations, standards of practice. I would recommend this firm to anyone."  -V.B.

  • "Reaching out to Steve Kardell was the best decision I made. His ability to provide immediate insight and direction was very powerful, and a huge relief during a very stressful time period. For anyone struggling with a whistleblower situation, I would highly recommend at least speaking with Steve. After a 10 minute call with him, I had a better understanding of what I was dealing with. Even better, he gave me some immediate hope. In the end Steve did a better job than I thought was possible. Steve was able to get in contact with people in my organization, that I didn’t have access to. Because of his years of experience, he already has contacts in many organizations in Dallas. The entire situation was handled peacefully. I was impressed by his ability to “keep the peace”–rather than creating a battle with the organization. The reason I didn’t reach out to a lawyer initially, was because I thought it would mean an immediate end to any hope of a positive relationship with the company. Steve was able to address my concerns, and in the end I was able to continue to work for them."  -KS

  • "Never thought my career would end like it did after 30 years of service. I was part of the first round of the so called reduction of force. I asked myself how can I be part of this with 30 years of seniority. How did they pick these 90 plus employees? Now, the culture of this organization made you question every decision they made. It wasn’t what you knew it’s was a culture of who you know. Nonetheless, I did not accept their severance package. I immediately starting looking for an attorney who would take on my case. After the initial call to Steve I had hope again. He was open and honest about everything and reassured me he would do his best for me, and he did. I had an awesome outcome. Thanks Steve you’re the best."  -S.S.