California Defense Firm and Investor Settle Cybersecurity Violations for $1.75 Million

Two California-based firms—Aero Turbine Inc., a defense contractor in Stockton, and Gallant Capital Partners LLC, a private equity firm in Los Angeles—have agreed to pay a combined $1.75 million to settle allegations of cybersecurity noncompliance tied to a U.S. Air Force contract. The settlement, announced by the Department of Justice, resolves claims under the False Claims Act that the companies knowingly submitted or caused false claims for payment despite failing to meet required security protocols.

Between January 2018 and February 2020, Aero Turbine allegedly neglected to implement key cybersecurity controls designed to protect sensitive defense data. Further, in mid-2019, the companies are accused of improperly sharing files containing sensitive defense information with a third-party software firm based in Egypt, which was not authorized under the terms of the Air Force contract.

Despite these alleged violations, both Aero Turbine and Gallant Capital received credit for their cooperation. After discovering the issues, they submitted multiple written self-disclosures to the government, worked closely with investigators, and implemented corrective actions to address the deficiencies.

The case serves as a clear reminder for defense contractors and affiliated firms about the serious consequences of cybersecurity lapses, especially when federal contracts and classified data are involved. It also highlights the increasing scrutiny under the False Claims Act in the cybersecurity compliance space.