On March 8, 2022, just five months after the creation of the Department of Justice’s (“DOJ”) new Civil Cyber-Fraud Initiative (previously discussed here), the DOJ announced its first settlement of a cyber-related fraud case. Under the settlement agreement, Comprehensive Health Services LLC (“CHS”) will pay $930,000 to resolve whistleblower allegations that it violated the False Claims Act by (among other things) failing to properly store and handle confidential information. This likely is just the start for increased cyber-related enforcement actions.


Continue Reading Well, That Didn’t Take Long – DOJ Announces its First Settlement of a Civil Cyber-Fraud Case

On March 2, Deputy Assistant Attorney General Richard Powers laid out a significant and aggressive criminal enforcement agenda for the Antitrust Division of the Department of Justice. While speaking at the the ABA National Institute on White Collar Crime in San Francisco, CA, Powers began his remarks by noting that the Division’s Criminal Section currently had 18 indicted cases against 10 companies and 42 individuals, including 8 CEOs or Presidents. DAAG Powers also noted that the Section had 146 open grand jury investigations – more than at any time in the last thirty years and “expect[ed] to stay busy this year and beyond.”

Continue Reading Executives Beware: DOJ Antitrust Division is Taking a Hard Look at a Wide Spectrum of Potential Criminal Violations

On Wednesday, October 6, 2021, the Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to enforce cybersecurity standards and reporting requirements. The Initiative will use DOJ’s civil enforcement mechanisms, namely the False Claims Act, to pursue government contractors and federal grant recipients that “knowingly provid[e] deficient cybersecurity products or services, knowingly misrepresent[] their cybersecurity practices or protocols, or knowingly violat[e] obligations to monitor and report cybersecurity incidents and breaches.” DOJ will not limit enforcement to entities; individuals also can be held accountable for cybersecurity-related fraud. Under the False Claims Act, penalties for such violations could be substantial, including treble damages.

Continue Reading DOJ Announces Civil Cyber-Fraud Initiative To Enforce Contractor Cybersecurity Compliance