On Oct. 22, 2024, the Securities and Exchange Commission announced that it charged four technology companies with making materially

Unisys, Avaya, Check Point, and Mimecast will each pay civil penalties to settle the agency’s charges that they downplayed the impacts of the hack through their respective public disclosures. The Securities and Exchange Commission fined four companies on Tuesday with misleading investors about the impact the 2020 hack of SolarWinds had on their own systems.

The SEC concluded that four tech companies misled investors and minimized the damage they suffered from the SolarWinds supply chain hack.

SEC charges four companies for misleading disclosures regarding the SolarWinds cyberattack, imposing fines totaling $6 million.

The companies include IT security firm Check Point and email security provider Mimecast, which were ensnared in the SolarWinds breach four years ago.

Four hacked companies will pay a total of almost $7 million to settle US Securities and Exchange Commission allegations that they downplayed the significance of the cyberattacks, the latest fallout from the massive SolarWinds Corp.

Analyst says there are lessons for CSOs in the contents of the SEC rulings, though ‘enforcement action is specific to investors.’

The SEC announces penalties against Unisys, Avaya, Check Point and Mimecast for downplaying the impact of the SolarWinds Orion hack.

The firms minimized how their systems were affected by the breached software, the Securities and Exchange Commission said.