SEC Charges Public Company For Alleged Misleading Disclosures Surrounding Ransomware Attack

March 17, 2023

On March 9, 2023, the Securities and Exchange Commission (“SEC”) brought an enforcement action against a public company, Blackbaud Inc. (“Blackbaud” or the “Company”), alleging that it had made misleading disclosures about a 2020 ransomware attack.

This is the fourth SEC settled enforcement action concerning disclosures following a cyberattack. This development highlights increased regulatory scrutiny that public companies face related to cyberattacks and serves as a potential prelude to the SEC’s aggressiveness in enforcing its upcoming revised rules on cybersecurity incident disclosures.

Please click here to continue reading on the Cleary Cybersecurity and Privacy Watch blog.

Jonathan S. Kolodner
New York
Rahul Mukhi
New York
Jackie M. Brune
Washington, D.C.

Select a Category

Select a Practice or Industry

Select a role

Select a location

Select a location

Select a location

About Us

Americas

Asia

Europe, Middle East & Africa

SEC Charges Public Company For Alleged Misleading Disclosures Surrounding Ransomware Attack