The SEC concluded that four tech companies misled investors and minimized the damage they suffered from the SolarWinds supply chain hack.

The firms minimized how their systems were affected by the breached software, the Securities and Exchange Commission said.

The Securities and Exchange Commission fined four cybersecurity companies for downplaying to investors the impact the 2020 Russian hack of SolarWinds had on their own systems. Why it matters: It's rare to see companies come under regulatory fire for cybersecurity disclosures.

Check Point Software (NASDAQ:CHKP) is among a group of four companies that have been fined by the Securities and Exchange Commission for "misleading cyber disclosures" related to the SolarWinds (NYSE:SWI) hack.

Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack.

Four hacked companies will pay a total of almost $7 million to settle US Securities and Exchange Commission allegations that they downplayed the significance of the cyberattacks, the latest fallout from the massive SolarWinds Corp.

The companies include IT security firm Check Point and email security provider Mimecast, which were ensnared in the SolarWinds breach four years ago.

Unisys, Avaya, Check Point, and Mimecast settled with the agency without admitting or denying wrongdoing Four high-profile tech companies reached an agreement with the Securities and Exchange Commission to pay millions of dollars in penalties for misleading investors about their exposure to the 2020 SolarWinds hack.