Defense contractor LOGZONE Inc. of Huntsville, Alabama has agreed to pay $507,144 to resolve its liability under the False Claims Act for knowingly failing to comply with cybersecurity requirements in contracts with the Department of the Navy.
“Government contractors that obtain sensitive defense information in administering their contracts must follow required cybersecurity standards,” said Assistant Attorney General Brett A. Shumate of the Justice Department’s Civil Division. “The Justice Department will continue to investigate potential violations of these cybersecurity requirements in order to protect this critical information from external threats.”
“The protection of sensitive defense information by government contractors is critical to national security,” said U.S. Attorney Phillip W. Williams Jr. for the Northern District of Alabama. “Adherence to the cybersecurity provisions of contracts with the federal government must be a priority for all contractors, and this enforcement action should serve as a reminder of that.”
“The cybersecurity provisions of federal contracts are critical to protecting sensitive information that may be transmitted in carrying out the mission of the contracts,” said Navy Vice Admiral Stephen Tedford, Director of the Defense Contract Management Agency. “DCMA will continue to ensure that contractors are fulfilling these obligations.”
The settlement resolves allegations under the False Claims Act that LOGZONE knowingly submitted false or fraudulent claims for payment on two Navy contracts for which LOGZONE had not complied with the contracts’ cybersecurity requirements. From May 2021 to March 2025, LOGZONE allegedly failed to implement certain cybersecurity controls in National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 that, if not implemented, could lead to significant exploitation of the system or exfiltration of sensitive defense information. These issues were identified when the Defense Contract Management Agency assessed LOGZONE’s implementation of NIST SP 800-171 security controls, which resulted in LOGZONE receiving a score of -170, at the low end of the possible score range of -203 to 110.
The resolution obtained in this matter was the result of a coordinated effort between the Justice Department’s Civil Division, Commercial Litigation Branch, Fraud Section and the U.S. Attorney’s Office for the Northern District of Alabama with assistance from the Department of the Navy Office of the General Counsel, NCIS, the Department of the Army Criminal Investigation Division, and the Defense Contract Management Agency’s Defense Industrial Base Cybersecurity Assessment Center.
This year the Administration launched the Task Force to Eliminate Fraud and the National Fraud Enforcement Division to enhance the Administration’s war on fraud, waste, and abuse in federal programs. When unscrupulous actors exploit these programs for their own financial gain, they defraud the government, harm the people these programs are designed to aid and protect, and undermine American businesses that play by the rules. The Civil Division’s FCA enforcement plays a critical role in combatting such fraudulent schemes, recovering billions of dollars for the American taxpayers, and holding wrongdoers accountable. FCA matters will continue to be on the forefront of the battle against fraud, and the Civil Division’s FCA work will support and advance the mission of the Task Force to Eliminate Fraud and the National Fraud Enforcement Division.
The matter was handled by Fraud Section Trial Attorney Graham D. Welch and Assistant U.S. Attorney Don Long for the Northern District of Alabama.
The claims resolved by the settlement are allegations only, and there has been no determination of liability.
