Cisco Systems whas been ordered to pay out $8.6 million to various states and governments in the US as part of a settlement over vulnerable surveillance software the company knowingly sold to the government.
Law firm Philips & Cohen filed a whistleblower lawsuit after its client unveiled that Cisco knew the software it was selling to the government could easily be hacked.
The company fixed the flaw in the meantime, but will end up paying $2.6 million to the federal government. The remaining six million will go to 15 states, cities, counties, other political subdivisions, as well as the District of Columbia.
Cisco settled the lawsuit with California, Delaware, Florida, Hawaii, Illinois, Indiana, Minnesota, Nevada, New Jersey, New Mexico, New York, North Carolina, Tennessee, Massachusetts and Virginia.
The software in question is called “Video Surveillance Manager” and it was being procured seven years, between 2007 and 2014.
“Cybersecurity products are an important piece of government spending these days, and it’s essential that those products comply with critical regulatory and contractual requirements,” said Claire M. Sylvia, a whistleblower attorney and partner at Phillips & Cohen. “The tech industry can expect whistleblowers to continue to step forward when serious problems are ignored, thanks to laws that reward and protect them.”
Cisco’s software allows its clients to manage multiple video cameras through a centralised server. The government used it for, among other things, to coordinate multiple cameras at various locations.