Tips for Whistleblowers Who Identify Cybersecurity Violations
- posted: Nov. 15, 2025
- Whistleblowers
Companies and governments devote billions of dollars to cybersecurity, but major breaches still occur. To protect personal and confidential information, government contractors often must certify that they have taken appropriate measures to guard against digital misappropriation. This can be an expensive and complex task, however, and there are situations where businesses are unable or unwilling to implement the required safeguards.
Cybersecurity failures can be treated as fraud against the government. The Department of Justice is actively pursuing these matters under its Civil Cyber-Fraud Initiative, using the False Claims Act (FCA) to investigate and resolve cases where companies misrepresented their cybersecurity practices or concealed reportable incidents. Though you might believe that only an expert in the field can detect when something is wrong, this is not the case. Even an employee without a technical background can become a cybersecurity whistleblower in one of the following ways:
Recognizing certification fraud — A contract negotiator or project manager might see that a specific certification is required to show that systems are protected against digital breaches. If there is no evidence that the company actually holds, or meets the requirements of, that certification, its representation to the government could trigger a False Claims Act case.
Reporting excessive charges — Cybersecurity is highly complex and often requires customization for the particular systems and threats involved. Pinpointing the exact value of these services can be tricky, which could tempt dishonest contractors to overcharge for the measures they install. Similarly, billing for “compliant hosting,” multifactor authentication (MFA), encryption or 24/7 monitoring that is not actually implemented constitutes fraud.
Flagging unreported breaches — Compliance with cybersecurity provisions includes prompt, complete reporting of any breaches that occur. An employee who knows of a breach that was never reported to the government can act as a whistleblower.
The False Claims Act’s qui tam provisions allow insiders to file a legal action under seal on the government’s behalf. If the case is successful, the whistleblower can obtain a share of the government’s financial recovery, usually between 15 and 30 percent. You can be confident about coming forward to report misconduct because the FCA’s anti-retaliation provision protects employees (and certain contractors/agents) from discharge, demotion or harassment in response to lawful efforts to stop fraud.
At Kardell Law Group, we are accomplished attorneys who have secured substantial compensation for whistleblowers in various forms of qui tam litigation. If you know of contractor misconduct related to cybersecurity or another type of fraud against the government, reach out to us today.