简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:SEC charges Unisys, Avaya, Check Point, and Mimecast for misleading disclosures in the 2020 SolarWinds breach. Fines highlight cybersecurity risks and disclosure violations.
The U.S. Securities and Exchange Commission (SEC) has fined four companies—Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies, and Mimecast—for misrepresenting the impact of the 2020 SolarWinds supply chain attack. According to the SEC, these companies misled shareholders and investors about the breachs true extent, marking another chapter in corporate cybersecurity failures.
The SECs investigation revealed that these companies failed to disclose the full severity of the SolarWinds hack, which affected thousands of organizations worldwide. Russian state-sponsored hackers had targeted SolarWinds' Orion software, a popular IT management tool, gaining access to many enterprises and government institutions.
The fines, ranging from $990,000 to $4 million, are linked to allegations that the companies downplayed or misrepresented the breach in their public reports. Unisys, for example, was fined $4 million for withholding critical information concerning two SolarWinds-related attacks that resulted in the loss of huge amounts of sensitive data. This was the greatest penalty for violations of their disclosure controls.
Avaya and Check Point were also criticized for failing to sufficiently warn investors about the dangers of the SolarWinds assault. Avaya first stated that just a small number of emails were viewed, but the SEC discovered that hackers downloaded more than 145 files. Similarly, Check Point, a cybersecurity company, toned down its own breach, giving investors a false feeling of security.
These fines highlight the growing regulatory emphasis on corporate openness in cybersecurity disclosures. The SolarWinds assault, one of the most destructive in recent years, serves as a stark reminder that firms must not only repair breaches but also be transparent with their shareholders.
As cybersecurity events become more common and sophisticated, business executives and compliance officials must improve their reporting mechanisms. With the SEC tightening its regulation of breach reporting, investors and stakeholders are seeking more openness in the aftermath of these big assaults.
The increasing penalties for SolarWinds-related breaches convey a clear message: businesses can no longer afford to conceal cybersecurity flaws or submit deceptive reports.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
Proprietary trading firm The Funded Trader has detailed its financial recovery efforts following a turbulent period marked by an unsustainable payout model. Addressing these challenges publicly, the firm outlined the steps being taken to resolve outstanding obligations and ensure operational sustainability.
Doo Group has announced its acquisition of PT Prima Tangguharta Futures, a Jakarta-based broker specialising in online derivatives trading. This move represents a significant step in Doo Group's regional expansion strategy and reinforces its growing presence in Southeast Asia.
Google exposes deepfake scams, crypto fraud, and app cloning trends. Learn how to spot these threats and safeguard your data with expert tips and advice.
October inflation rises to 2.3%, driven by energy costs. Renters face 8% annual hikes, while house price inflation climbs. Interest rates stay elevated.