The federal government recently encouraged the equivalent of a bug bounty program, looking for individuals who are aware of cybersecurity vulnerabilities in companies that hold government data.

If you are aware of weak cybersecurity practices by a company that maintains government data, you may be able to file a claim under the False Claims Act (FCA). Cybersecurity whistleblowers who have exposed data security gaps and cybersecurity fraud have been rewarded with millions of dollars.

Who Can File a Cybersecurity Whistleblower Claim?

Anyone. Most often, cybersecurity whistleblowers are information technology professionals, data privacy specialists, hackers, or even regular employees. However, this list is not exhaustive. You don’t need to be a company insider in order to file a claim seeking a monetary award.

If you think a company has insufficient data security, contact one of our lawyers.

Who Can Be Liable for These Claims?

Each year, thousands of companies contract with the government and are responsible for maintaining government data. If any of these organizations fails to protect that sensitive information, they may be the subject of a whistleblower action.

A government contractor could be any organization that enters into business with the government. This includes many large companies, such as: Amazon, Lockheed Martin, Verizon, General Dynamics Information Technology, Pfizer, IBM, Raytheon.

If you are unsure if a company has a contract with the government, our experienced whistleblower attorneys are available for a free consultation.

Cybersecurity Fraud Settlements and Whistleblower Rewards

Whistleblowers have received millions of dollars for exposing cybersecurity vulnerabilities and other government fraud.

  • In May 2017, a software technician received approximately $30 million from a $155 million settlement after exposing data portability weaknesses in the software system of eClinicalWorks, one of the largest vendors of electronic health records software.
  • In July 2019, an employee of a Cisco partner became a whistleblower against Cisco Systems when he discovered vulnerabilities in a video surveillance software that was sold to the US government. He received $1.6 million from a settlement of $8.6 million.
  • In April 2022, a senior director of cybersecurity received part of a $9 million settlement after filing a whistleblower lawsuit against Aerojet Rocketdyne Holdings for misleading the government about their compliance with cybersecurity regulations.
  • In March 2019, Duke University settled a lawsuit for $112.5 million after a whistleblower exposed the falsification of data for federal grants. That individual received over $33 million from the settlement.
  • In February 2022, a whistleblower was awarded $10.9 million from a $48.5 million settlement resolving claims against TriMark USA for mishandling government contracts.

Our Whistleblower and Data Privacy Experience

Our whistleblower and data privacy attorneys are uniquely qualified to understand and assess your concerns about a potential cybersecurity vulnerability. We have specialized knowledge about cybersecurity controls, industry standard IT practices, hacking techniques, and information security frameworks. We have also been involved in some of the largest data security lawsuits in the country.

If you know of a cybersecurity vulnerability, we can help you assess your potential claims. We are based in Oakland, California, but have a national practice and take cases anywhere in the United States.

Our Cybersecurity Whistleblower Attorneys

David Berger

David Berger

David represents consumers in class actions with a special emphasis on data breach, privacy, and financial services litigation. He has represented data breach victims in some of the largest and most influential privacy cases.

Eric Gibbs

Eric has served in leadership positions in a number of high profile, complex financial fraud class action lawsuits. He has been recognized as a Law360 MVP for Consumer Protection.

Amy Zeman

Amy has built a reputation in the plaintiffs’ bar for delivering results and justice to consumers and sexual assault survivors in class action and mass tort litigation. The Daily Journal named her a Top Woman Lawyer in California for 2021.

Aaron Blumenthal

Aaron Blumenthal represents consumers, employees, and whistleblowers in class action and other complex litigation.

About Us

Gibbs Law Group is a California-based law firm committed to protecting the rights of clients nationwide who have been harmed by corporate misconduct. We represent individuals, whistleblowers, employees, and small businesses across the U.S. against the world’s largest corporations. Our award-winning lawyers have achieved landmark recoveries and over a billion dollars for our clients in high-stakes class action and individual cases involving consumer protection, data breach, digital privacy, and federal and California employment lawsuits. Our attorneys have received numerous honors for their work, including “Top Plaintiff Lawyers in California,” “Top Class Action Attorneys Under 40,” “Consumer Protection MVP,” “Best Lawyers in America,” and “Top Cybersecurity/ Privacy Attorneys Under 40.”