DOJ orders consultants to pay $11.3M total for cyber rule violations

By Adrianne Appel2024-06-18T19:49:00

Guidehouse and Nan McKay and Associates will pay a total of $11.3 million to the Department of Justice (DOJ) to settle allegations that cybersecurity failures led to the theft of client personal information during the height of the COVID-19 pandemic.

Guidehouse agreed to pay about $7.6 million, while NM agreed to pay $3.7 million, the DOJ announced in a press release Monday.

The case resolved claims brought under the qui tam provisions of the False Claims Act by Elevation 33, an entity owned by a former Guidehouse employee. The former employee will receive about $1.9 million of the settlement.

THIS IS MEMBERS-ONLY CONTENT

LEARN MORE

You are not logged in and do not have access to members-only content.

If you are already a registered user or a member, SIGN IN now.

News Brief
DOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors

2025-03-27T12:49:00Z By Aaron Nicodemus

Yet another government contractor has been slapped with a fine by the Department of Justice for applying lax cybersecurity defenses on sensitive government data.
News Brief
SEC orders R.R. Donnelley to pay $2.1M over cyber-related control violations

2024-06-20T14:45:00Z By Jeff Dale

A business communications and marketing services company agreed to pay more than $2 million to settle charges levied by the Securities and Exchange Commission over cybersecurity-related control violations.
News Brief
NYDFS offers cyber rule compliance template for small businesses

2024-05-14T16:59:00Z By Aaron Nicodemus

The New York State Department of Financial Services issued guidance for small businesses attempting to comply with its cybersecurity regulations.

More from Regulatory Enforcement

Article
DOJ makes good on corporate-friendly enforcement policy with Balt resolution

2026-03-24T19:09:00Z By Adrianne Appel

The ink was barely dry on the U.S. Department of Justice’s new corporate enforcement policy (CEP) when the agency announced it would not prosecute Balt SAS for alleged bribery violations.
Article
BoA settles class-action related to its dealings with Jeffrey Epstein

2026-03-20T18:24:00Z By Adrianne Appel

Bank of America has agreed to settle a class-action lawsuit alleging know-your-customer and other failings in its dealings with convicted sex offender Jeffrey Epstein.
News Brief
SEC’s Uyeda: ‘Enforcement is the wrong way’ to handle off-channel communications

2026-03-19T21:08:00Z By Aaron Nicodemus

The U.S. Securities and Exchange Commission’s Mark Uyeda told an audience of investment advisers that the SEC will no longer prioritize stand-alone enforcement actions for violations of the SEC’s rules on off-channel communications.

DOJ orders consultants to pay $11.3M total for cyber rule violations

THIS IS MEMBERS-ONLY CONTENT

Related articles

DOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors

SEC orders R.R. Donnelley to pay $2.1M over cyber-related control violations

NYDFS offers cyber rule compliance template for small businesses

More from Regulatory Enforcement

DOJ makes good on corporate-friendly enforcement policy with Balt resolution

BoA settles class-action related to its dealings with Jeffrey Epstein

SEC’s Uyeda: ‘Enforcement is the wrong way’ to handle off-channel communications