Eleven years after a whistleblower first reported to the government that Cisco had sold defective video surveillance software to federal and state agencies the company agreed to pay $8.6 million to settle the issue.
This settlement is the first whistleblower case successfully litigated under the False Claims Act, which imposes liability on persons and companies who defraud governmental programs, and in this incident covers Cisco software that was sold to a variety of federal government agencies, 15 states and the District of Columbia.
The whistleblower, James Glenn, said in the claim that the software issue had been in place since 2008.
“James Glenn was working for a Cisco distribution partner in Denmark when he first discovered and reported to Cisco that its Video Surveillance Manager, a bundled, centralized video surveillance system, could be easily exploited,” said Constantine Cannon LLP, the legal team representing Glenn, said in a statement.
The legal team said Glen had informed Cisco that if exploited the vulnerabilities would allow unauthorized access to stored data, bypass physical security systems, and gain administrative-level access to the agency’s network. However, the legal team claimed no action was taken and continued to sell the product.