SEC Accuses Four Firms of Downplaying SolarWinds-Related Hacks

Four hacked companies will pay a total of almost $7 million to settle US Securities and Exchange Commission allegations that they downplayed the significance of the cyberattacks, the latest fallout from the massive SolarWinds Corp. breach.

Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd. and Mimecast Ltd. misled the public about the seriousness of the attacks when the actors behind the SolarWinds hack breached their systems in 2020 and 2021, the SEC said Tuesday. The companies settled with the regulator without admitting to or denying the allegations.

“Downplaying the extent of a material cybersecurity breach ...