On August 16, 2021, the Securities and Exchange Commission imposed a cease-and-desist order and a $1 million civil penalty on Pearson plc, finding violations of the negligence-based antifraud provisions of the Securities Act.
The Commission’s order finds that Pearson made misleading statements and omissions about a 2018 data breach involving the theft of student data and administrator log-in credentials of 13,000 school, district and university customer accounts. The order notes that while Pearson’s periodic filings with the Commission contained risk-factor disclosure identifying that “malicious attack[s] on our systems” could result in a “‘major data privacy or confidentiality breach,’” the company re-issued that risk-disclosure language without disclosing that precisely such a major breach had occurred just a few months earlier. The SEC also found that Pearson’s response to media inquiries concerning the breach was materially misleading, because its press statement downplayed the scale and seriousness of the breach and implied that certain types of personal data may have been obtained, when Pearson knew that such data had, in fact, been stolen.
The Commission also concluded that Pearson failed to maintain disclosure controls and procedures properly designed to analyze and assess cybersecurity incidents such that management was able to make appropriate and accurate disclosure decisions.
This Commission’s order follows its June 15, 2021 order involving First American Financial we discussed here and underscores the Commission’s focus on cybersecurity disclosures, particularly when a material cyber breach is involved.
KMK Law articles and blog posts are intended to bring attention to developments in the law and are not intended as legal advice for any particular client or any particular situation. The laws/regulations and interpretations thereof are evolving and subject to change. Although we will attempt to update articles/blog posts for material changes, the article/post may not reflect changes in laws/regulations or guidance issued after the date the article/post was published. Please consult with counsel of your choice regarding any specific questions you may have.
ADVERTISING MATERIAL.
© 2023 Keating Muething & Klekamp PLL. All Rights Reserved
- Partner
Jim Kennedy practices in the Business Representation & Transactions Group. The focus of his practice is corporate, securities, and financing law, where he has extensive experience in mergers, acquisitions and ...
- Partner
Mark Reuter advocates for business clients in transactions, proceedings and conflicts regulated by federal and state securities laws and stock exchange rules. A partner in the firm’s Business Representation & Transaction ...
- Partner
As a partner in the firm’s Business Representation & Transactions Group, Allie Westfall’s insight and proven analytical skills help translate the complexities of the often-challenging securities laws. Allie’s counsel ...
- Partner
Chris Brinkman practices in the firm's Business Representation & Transactions Group with a concentration in venture capital transactions, start-ups & growth companies, securities, and mergers and acquisitions.
Chris ...
- Associate
Michael Goldman counsels businesses and investors on a broad range of general corporate transactions, with a particular focus on the sports and entertainment industry and commercial transactions involving technology ...
Topics/Tags
Select- Securities Law
- SEC
- Nasdaq
- Securities Regulation
- Clawback Rules
- Corporate Law
- Coronavirus
- Cybersecurity and Privacy Law
- Mergers & Acquisitions
- Economic Sanctions
- Ohio LLC Act
- Tax Planning
- Dodd-Frank
- IRS
- Paycheck Protection Program
- Corporate Tax
- JOBS Act
- Cybersecurity Regulation
- FAST Act
- Proxy Access Rules
- Securities Litigation
- Corporate Governance
- Consumer Protection Act
- SEC Enforcement
- Crowdfunding
- Cryptocurrency
- Hedging
- Conflict Minerals
- Real Estate Law
- Taxation
- Emerging Growth Companies
- Investors
- Private Offerings
- Pay Ratio Disclosure
- Whistleblower
- Intellectual Property
- Technology
- Opportunity Zone
- LIBOR
- Accredited Investors
- Sales Tax
- United States Supreme Court
- Online Trading Platforms
- Executive Compensation
- Health Care Act
- IPO
- Registration Statement
- Annual Reports
- Wall Street Reform
- Ohio Foreclosure Reform
- Director Compensation
- Family-Controlled Entities
- Gift and Estate Transfers
- Board of Directors
- Director Independence
- Total Shareholder Return
- Cyber Insurance
- Data Breach
- Lenders
- Receivership Statute
- Regulation A
- Regulation D
- Compensation Committee Certification
- CDEs
- CDFI Fund
- Community Development Entities
- Community Development Financial Institutions Fund
- Government Shutdown
- New Markets Tax Credit
- NMTC
- NMTC Financing
- Regulation Fair Disclosure
- Social Media
- Benefits
- Healthcare Reform
- Litigation
- Marketing
- Public Company Transition Rules
- Employment Incentives
- HIRE Act
- Social Security Tax
- Tax Credit
Recent Posts
- NYSE and Nasdaq Propose Clawback Listing Standards: What You Need to Know
- Corporate Transparency Act Update – FinCEN Issues Notice of Proposed Rulemaking
- SEC Amends Insider Trading Rules: New Conditions, Requirements, and Related Disclosures
- SEC Reopens Comment Period for 11 Proposed Rules Due to Technological Error
- Corporate Transparency Act Update—FinCEN Issues Final Rule
- SEC Provides Sample Guidance on Disclosure of Russia-Ukraine Invasion
- Proposed SEC Climate-Related Disclosure Requirements
- Proposed SEC Cybersecurity Rules
- International Unrest and its Impact on M&A
- The United States Ramps Up Severe Economic Sanctions on Russia and Export Controls