Aerojet Rocketdyne Inc. has agreed to pay $9 million to resolve allegations it violated the False Claims Act by misrepresenting its compliance with cybersecurity requirements in certain federal contracts, the Justice Department announced.
Aerojet provides propulsion and power systems for launch vehicles, missiles and satellites and other space vehicles to the Defense Department, NASA and other federal agencies.
The settlement resolves a lawsuit filed and litigated by former Aerojet employee Brian Markus against Aerojet under the qui tam or whistleblower provisions of the False Claims Act, which permit a private party (known as a relator) to file a lawsuit on behalf of the U.S. and receive a portion of any recovery.
“Whistleblowers with inside information and technical expertise can provide crucial assistance in identifying knowing cybersecurity failures and misconduct,” said Principal Deputy Assistant Attorney General Brian M. Boynton, head of the Justice Department’s civil division.
Markus and Aerojet reached a settlement of the case on the second day of trial. Markus will receive $2.61 million as his share of the False Claims Act recovery.
“The qui tam action brought by Mr. Markus is an example of how whistleblowers can contribute to civil enforcement of cybersecurity requirements through the False Claims Act,” said U.S. Attorney Phillip A. Talbert for the Eastern District of California.
On Oct. 6, the deputy attorney general announced the department’s Civil Cyber-Fraud Initiative, which aims to hold accountable entities or individuals who put U.S information or systems at risk by knowingly providing deficient cybersecurity products or services; knowingly misrepresenting their cybersecurity practices or protocols; or knowingly violating obligations to monitor and report cybersecurity incidents and breaches.
The claims resolved by the settlement are allegations only and there has been no determination of liability.