"Wary of alarming investors, companies victimized by ransomware attacks often tell the SEC that “malware” or a “security incident” disrupted their operations... ...Because attacks cost money, affect operations and expose cybersecurity vulnerabilities, they sometimes meet the definition used by the SEC of a “material” event ... Material events must be reported in public filings, and failure to do so could spur SEC action or a shareholder lawsuit... ...Yet some companies worry that acknowledging a ransomware attack could land them on the front page, alarm investors and drive down their share price. As a result, although many companies cite ransomware in filings as a risk, they often don’t report attacks or describe them in vague terms, according to experts in securities law and cybersecurity..." [Long Read] NB: Original Propublica story hard to read cuz of large "Donate" Banner -- Reprinted here in easier to read format: https://www.rawstory.com/2019/12/like-voldemort-ransomware-is-too-scary-to-be-named/ https://www.propublica.org/article/like-voldemort-ransomware-is-too-scary-to-be-named
