Published on: April 1, 2025
Cambridge-based defense contractor Morse Corp. has agreed to pay $4.6 million to settle allegations that it didn’t follow cybersecurity rules in its contracts with the US Army and Air Force.
The government says Morse Corp. submitted claims for payment while knowing it hadn’t met cybersecurity requirements.
According to the settlement, Morse admitted that from 2018 to 2022, it used a third-party email provider that didn’t meet required security standards. It also failed to fully implement key cybersecurity controls for years, even though those controls were part of its contracts.
“Federal contractors must fulfill their obligations to protect sensitive government information from cyber threats,” U.S. Attorney Leah Foley said. “We will continue to hold contractors to their commitments to follow cybersecurity standards to ensure that federal agencies and taxpayers get what they paid for, and make sure that contractors who follow the rules are not at a competitive disadvantage.”
In 2021, Morse reported a high security compliance score to the Department of Defense, but a later review found the real score was much lower. The company didn’t correct it until months after receiving a subpoena.
“We are pleased with today’s settlement, which further demonstrates the resolve of the Department of the Army Criminal Investigation Division and our law enforcement partners to protect and defend the assets of the United States Army and Department of Defense,” said Special Agent in Charge Keith K. Kelly of the Department of the Army Criminal Investigation Division Fraud Field Office. “We’re committed to protecting the warfighter and maintaining the Army’s operational readiness while holding those who engage in such acts accountable.”
Officials stressed that weak cybersecurity puts sensitive defense data at risk.
“Failure to implement cybersecurity requirements can have devastating consequences,” said Air Force Special Agent William Richards.
The settlement also resolves a whistleblower lawsuit. The whistleblower will receive $851,000 from the settlement.
Source of Article
