简体中文
繁體中文
English
Pусский
日本語
ภาษาไทย
Tiếng Việt
Bahasa Indonesia
Español
हिन्दी
Filippiiniläinen
Français
Deutsch
Português
Türkçe
한국어
العربية
Abstract:SEC charges Unisys, Avaya, Check Point, and Mimecast for misleading disclosures in the 2020 SolarWinds breach. Fines highlight cybersecurity risks and disclosure violations.
The U.S. Securities and Exchange Commission (SEC) has fined four companies—Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies, and Mimecast—for misrepresenting the impact of the 2020 SolarWinds supply chain attack. According to the SEC, these companies misled shareholders and investors about the breachs true extent, marking another chapter in corporate cybersecurity failures.
The SECs investigation revealed that these companies failed to disclose the full severity of the SolarWinds hack, which affected thousands of organizations worldwide. Russian state-sponsored hackers had targeted SolarWinds' Orion software, a popular IT management tool, gaining access to many enterprises and government institutions.
The fines, ranging from $990,000 to $4 million, are linked to allegations that the companies downplayed or misrepresented the breach in their public reports. Unisys, for example, was fined $4 million for withholding critical information concerning two SolarWinds-related attacks that resulted in the loss of huge amounts of sensitive data. This was the greatest penalty for violations of their disclosure controls.
Avaya and Check Point were also criticized for failing to sufficiently warn investors about the dangers of the SolarWinds assault. Avaya first stated that just a small number of emails were viewed, but the SEC discovered that hackers downloaded more than 145 files. Similarly, Check Point, a cybersecurity company, toned down its own breach, giving investors a false feeling of security.
These fines highlight the growing regulatory emphasis on corporate openness in cybersecurity disclosures. The SolarWinds assault, one of the most destructive in recent years, serves as a stark reminder that firms must not only repair breaches but also be transparent with their shareholders.
As cybersecurity events become more common and sophisticated, business executives and compliance officials must improve their reporting mechanisms. With the SEC tightening its regulation of breach reporting, investors and stakeholders are seeking more openness in the aftermath of these big assaults.
The increasing penalties for SolarWinds-related breaches convey a clear message: businesses can no longer afford to conceal cybersecurity flaws or submit deceptive reports.
Disclaimer:
The views in this article only represent the author's personal views, and do not constitute investment advice on this platform. This platform does not guarantee the accuracy, completeness and timeliness of the information in the article, and will not be liable for any loss caused by the use of or reliance on the information in the article.
Dubai, UAE — The WikiEXPO Dubai 2024, hosted by WikiGlobal, successfully concluded on November 27, attracting wide attention from the global financial technology sector. The event was co-organized by WikiFX and the Australian Computer and Law Association (AUSCL), with strong support from the Mauritius Financial Services Institute (FSI) and the government of Liberland. Through an innovative hybrid model of online and offline participation, WikiEXPO Dubai 2024 achieved an impressive 1,267,886 online views and gathered 3500+ on-site participants, bringing together 550+ industry leaders and attracting close coverage from over 1300+ global media outlets.
The German Federal Financial Supervisory Authority (BaFin) has recently flagged a fraudulent clone of the licensed retail FX and CFD broker Pepperstone. This fake entity, operating under the domain pepperstone.life, has been offering financial and investment services without obtaining the necessary regulatory authorisation.
The Royal Malaysian Police (PDRM) have raised concerns over the increasing use of TikTok by criminal syndicates to lure victims into investment scams.
With 7M UK adults holding cryptocurrency, the FCA outlines a robust plan to regulate crypto markets, stablecoins, and staking by 2026, aligning with global trends.