Cisco Systems Inc. recently agreed to a significant settlement after a whistleblower filed a lawsuit claiming the company improperly sold video surveillance software that had known weaknesses to federal and state government agencies. The case marks the very first time a False Claims Act resulted in a payout over failure to adhere to proper cybersecurity standards.
Cisco paid $8.5 million to settle the case, of which $1 million went to the whistleblower, James Glenn. The initial legal complaint was filed eight years ago, but court documents were only recently unsealed.
Glenn had previously worked at a Cisco partner called NetDesign in Denmark. In 2008, he first warned the company that a hacker who was able to access a camera that was part of the system could potentially exploit system vulnerabilities to take control of an entire network, moving beyond the video system. Cisco failed to act, so Glenn took further steps, talking to a detective on an FBI terrorism unit. Cisco ultimately acknowledged the safety flaws in 2013 with a software update.
Awards available for whistleblowers in FCA cases
There are hundreds of False Claims Act lawsuits filed each year, as there are incentives built into the program who reward whistleblowers for providing tips about misconduct by government contractors. To win an award, whistleblowers must provide unique, actionable and nonpublic information on the case that helps authorities levy sanctions.
Many government contracts include promises that products will meet certain government cybersecurity standards, so legal experts have long believed that it was only a matter of time before there would be a cybersecurity-related FCA case that made headlines in such a way. This case is a groundbreaker in that regard.
For more information on how to proceed if you believe you have a False Claims Act case on your hands, meet with an experienced whistleblower lawyer at Kardell Law Group.