AG Moody Secures Millions in Multistate Settlement
Release Date
Aug 2, 2019
Contact
Whitney Ray
Phone
850-245-0150
TALLAHASSEE, Fla.—Attorney General Ashley Moody today joined a coalition of 19 attorneys general in a multistate lawsuit against Cisco Systems, Inc. concerning security surveillance system software sold in Florida. The multistate investigation began after a whistleblower came forward under the False Claims Act to assert that Cisco’s software had major flaws rendering the system vulnerable to hackers. Despite learning of the exposure, Cisco failed to report or remedy this security flaw for several years.
Attorney General Ashley Moody said, “I am proud of our office’s role in bringing this action against Cisco Systems. It is totally irresponsible for a company to blatantly ignore vulnerabilities in their computer systems software products that leave consumers’ information at risk. In this new age of technology, companies must vigilantly protect consumers’ private data, and our office will continue to hold responsible companies that carelessly expose Floridians’ sensitive information.”
In 2009, Cisco discovered security flaws in a software product designed to control security camera systems sold to the State of Florida, multiple other states and the federal government. The company failed to report or remedy these flaws until 2013, after an investigation was completed.
The now-discontinued software contained flaws that would permit unauthorized access to the system, with the potential to control and otherwise manipulate security cameras and the recorded footage.
The investigation began after the attorneys general received information from a former Cisco employee who came forward as a whistleblower and filed an action under the Federal False Claims Act and the whistleblower acts of the other states involved. The joint investigation uncovered no evidence that a hack or any unauthorized access of security surveillance systems ever took place.
The $6 million fine will be distributed among the plaintiff states, with a share for the whistleblower. The Florida False Claims Act allows private persons to file civil actions on behalf of the government and to share in any recovery.
The Florida Attorney General’s Office conducted this investigation in coordination with the States of New York, California, Delaware, Hawaii, Illinois, Indiana, Massachusetts, Minnesota, Montana, Nevada, New Hampshire, New Jersey, New Mexico, North Carolina, Rhode Island, Tennessee, Virginia, and the District of Columbia.
Attorney General Ashley Moody said, “I am proud of our office’s role in bringing this action against Cisco Systems. It is totally irresponsible for a company to blatantly ignore vulnerabilities in their computer systems software products that leave consumers’ information at risk. In this new age of technology, companies must vigilantly protect consumers’ private data, and our office will continue to hold responsible companies that carelessly expose Floridians’ sensitive information.”
In 2009, Cisco discovered security flaws in a software product designed to control security camera systems sold to the State of Florida, multiple other states and the federal government. The company failed to report or remedy these flaws until 2013, after an investigation was completed.
The now-discontinued software contained flaws that would permit unauthorized access to the system, with the potential to control and otherwise manipulate security cameras and the recorded footage.
The investigation began after the attorneys general received information from a former Cisco employee who came forward as a whistleblower and filed an action under the Federal False Claims Act and the whistleblower acts of the other states involved. The joint investigation uncovered no evidence that a hack or any unauthorized access of security surveillance systems ever took place.
The $6 million fine will be distributed among the plaintiff states, with a share for the whistleblower. The Florida False Claims Act allows private persons to file civil actions on behalf of the government and to share in any recovery.
The Florida Attorney General’s Office conducted this investigation in coordination with the States of New York, California, Delaware, Hawaii, Illinois, Indiana, Massachusetts, Minnesota, Montana, Nevada, New Hampshire, New Jersey, New Mexico, North Carolina, Rhode Island, Tennessee, Virginia, and the District of Columbia.