“Federally funded contracts often come with IT security requirements, and contractors must comply with these obligations,” said Brian M. Boynton, a senior official in the U.S. Attorney’s Office. His agency recently recovered $11.3 million from two companies that admitted they failed to perform required security audits on a website they developed for the government.
Advertisement
At the heart of the case is a contract awarded in 2021. The US Parliament released funds to provide financial support to needy tenants during the peak of the COVID19 pandemic (Emergency Rent Assistance Program). Applications for this support must be submitted to US state authorities. New York awarded the contract for programming the corresponding website, including a database for applicants, to the company Guidehouse Inc. from the US state of Virginia. It appointed subcontractor Nan Mackey and Associates to carry out the implementation.
A few hours after the system went online on June 1, 2021, personal data of applicants appeared online. The authority immediately took the website offline again. Both companies have now admitted that they did not carry out mandatory security checks before activating the system. In addition, Guidehouse admits to using cloud services from a third provider without obtaining the customer’s contractually required consent.
YouTube is testing new technology against ad blockersBoth companies have admitted fault. Guidehouse paid $7.6 million and Nan McKay paid another $3.7 million. In return, ongoing civil litigation in the U.S. District Court for the Northern District of New York will be discontinued.United States ex rel Elevation 33, LLC v. Guidehouse Inc et alReference 1:22-cv-00206).
Reward for informers
Of the money, $1.95 million will be awarded to a former Guidehouse employee. He brought the case to court as an individual citizen. This is provided for in the US federal law False Claims Act of 1863: anyone who notices that someone is defrauding the public sector can take the case to court on behalf of the state. If successful, you will receive a share of the proceeds. Most lawsuits under the False Claims Act are brought not by officials, but by private individuals.
In fiscal year 2023, there were more than 500 False Claims Act verdicts and settlements, totaling more than $2.68 billion in damages to the U.S. government, including $1.8 billion for health care fraud alone. Actions initiated by private individuals accounted for more than $2.3 billion. They earned a total award of $349 million.
(DS)
