us Crime

Logzone Pays $507,144 to Settle Cybersecurity Allegations

By the PureSource Newsroom MISSISSIPPI —

Published 1 min read

Logzone agreed to pay $507,144 to resolve allegations concerning Pentagon cybersecurity compliance. The Justice Department alleged the company knowingly submitted payment claims despite control failures in Mississippi.

MISSISSIPPI — LOGZONE, an Alabama-based logistics services provider, agreed to pay $507,144 to resolve allegations that it misrepresented its compliance with Pentagon cybersecurity requirements. The settlement addresses claims related to two Navy contracts awarded between 2021 and 2022.

The Justice Department alleged that the company failed to implement required security controls under NIST Special Publication 800-171, despite contractual mandates. These contracts involved logistics, inventory management, and facility support services at the Naval Oceanographic Command in Mississippi. The company received over $682,000 under these contracts, which extended through March 2025.

NIST SP 800-171 establishes cybersecurity requirements for defense contractors handling controlled unclassified information on non-federal systems. The framework includes 110 security controls covering areas such as access management, incident response, system monitoring, and risk management. Navy contracts required the company to implement these controls and report cybersecurity assessment scores through the Defense Department's Supplier Performance Risk System.

In October 2021, the company submitted a self-assessment score of 110. However, a 2024 review by the Defense Industrial Base Cybersecurity Assessment Center determined that the company's actual cybersecurity score was negative 170. The Justice Department alleged that the company knowingly submitted payment claims between 2021 and 2025 despite failing to comply with the required cybersecurity controls.

The settlement includes $253,572 in restitution. The agreement resolves potential civil liability under the False Claims Act. The settlement does not include an admission of liability by the company. Defense contractors have been required to implement cybersecurity controls under Defense Federal Acquisition Regulation Supplement clauses for the protection of sensitive government information. The cybersecurity requirements the company failed to implement correspond to Cybersecurity Maturity Model Certification Level 2.

fact_check Facts

Relevance: supporting · Type: background
Confidence100%
LOGZONE is an Alabama-based logistics services provider.
Relevance: primary · Type: event
Confidence100%
LOGZONE agreed to pay $507,144 to resolve allegations that it misrepresented its compliance with Pentagon cybersecurity requirements while contracting with the Navy.
Relevance: primary · Type: action
Confidence100%
The Justice Department alleged that LOGZONE failed to implement required security controls under NIST Special Publication 800-171 despite contractual mandates.
Relevance: supporting · Type: background
Confidence100%
The settlement relates to two contracts awarded by the Navy between 2021 and 2022 for logistics, inventory management, and facility support services at the Naval Oceanographic Command in Mississippi.
Relevance: supporting · Type: background
Confidence100%
LOGZONE received more than $682,000 under the contracts through March 2025.
Relevance: supporting · Type: background
Confidence100%
NIST SP 800-171 establishes cybersecurity requirements for defense contractors handling controlled unclassified information on non-federal systems.
Relevance: supporting · Type: background
Confidence100%
The NIST SP 800-171 framework includes 110 security controls covering access management, incident response, system monitoring, and risk management.
Relevance: supporting · Type: background
Confidence100%
Navy contracts required LOGZONE to implement NIST SP 800-171 controls and report cybersecurity assessment scores through the Defense Department's Supplier Performance Risk System.
Relevance: primary · Type: event
Confidence100%
LOGZONE submitted a self-assessment score of 110 in October 2021.
Relevance: primary · Type: action
Confidence100%
A 2024 review by the Defense Industrial Base Cybersecurity Assessment Center determined that LOGZONE's actual cybersecurity score was negative 170.
Relevance: primary · Type: action
Confidence100%
The Justice Department alleged that LOGZONE knowingly submitted payment claims between 2021 and 2025 despite failing to comply with required cybersecurity controls.
Relevance: primary · Type: background
Confidence100%
The settlement includes $253,572 in restitution.
Relevance: primary · Type: event
Confidence100%
The agreement resolves potential civil liability under the False Claims Act and does not include an admission of liability by LOGZONE.
Relevance: supporting · Type: background
Confidence100%
Defense contractors have been required to implement cybersecurity controls under Defense Federal Acquisition Regulation Supplement clauses for the protection of sensitive government information.
Relevance: supporting · Type: background
Confidence100%
The Defense Department established the Cybersecurity Maturity Model Certification program in 2019.
Relevance: supporting · Type: background
Confidence100%
The cybersecurity requirements LOGZONE failed to implement correspond to Cybersecurity Maturity Model Certification Level 2.

forum Comments (0)

No comments yet. Be the first to comment.

Logzone Pays $507,144 to Settle Cybersecurity Allegations

forum Comments (0)

Related Articles