Three years after two Georgia Tech cybersecurity officials filed suit claiming the institution had fabricated scores submitted to the Department of Defense (DOD) regarding its safeguards for federal research projects, the institution, along with Georgia Tech Research Corporation (GTRC), agreed to pay $875,000.
The amount resolves False Claims Act (FCA) allegations that Georgia Tech’s work for the Air Force and Defense Advanced Research Projects Agency, part of DOD, did not comply with required security safeguards and thus was fraudulent.
Although the settlement amount pales in comparison to what was expected and based on previous settlements under what the Biden administration called the Civil Cyber-Fraud Initiative—including $1.25 million that Pennsylvania State University paid last year—Julie Bracker, the whistleblower attorney who brought both cases, told RRC her firm has “more than a dozen” similar cases filed under seal, with more in the works.
Thus, universities and other research organizations that must meet cybersecurity requirements shouldn’t assume they’ll get off lightly if similarly accused. Of course, defending against such accusations is often more costly than settlement payments themselves.
Georgia Tech and GTRC did not admit to wrongdoing as part of the settlement, a position they have maintained since the case began, generally arguing the contracts were for basic research that was exempt from certain cybersecurity protocols. Penn State also didn’t admit...
Over the course of the six-week shutdown — which may be ending soon — President Donald Trump has repeatedly made the false claim that Democrats “want $1.5 trillion for health care for illegal alien...