Form 8-K












Pursuant to Section 13 or 15(d)

of The Securities Exchange Act of 1934

Date of Report (Date of earliest event reported): April 17, 2018




(Exact name of registrant as specified in its charter)




Delaware   000-30171   68-0359556

(State or other jurisdiction

of incorporation)



File Number)


(IRS Employer

Identification No.)

501 Canal Blvd., Richmond, California 94804

(Address of principal executive offices) (Zip Code)

(510) 970-6000

(Registrant’s telephone number, including area code)

Not Applicable

(Former name or former Address, if changed since last report)



Check the appropriate box below if the Form 8-K filing is intended to simultaneously satisfy the filing obligation of the registrant under any of the following provisions (see General Instruction A.2. below):


Written communications pursuant to Rule 425 under the Securities Act (17 CFR 230.425)


Soliciting material pursuant to Rule 14a-12 under the Exchange Act (17 CFR 240.14a-12)


Pre-commencement communications pursuant to Rule 14d-2(b) under the Exchange Act (17 CFR 240.14d-2(b))


Pre-commencement communications pursuant to Rule 13e-4(c) under the Exchange Act (17 CFR 240.13e-4(c))

Indicate by check mark whether the registrant is an emerging growth company as defined in Rule 405 of the Securities Act of 1933 (§230.405 of this chapter) or Rule 12b-2 of the Securities Exchange Act of 1934 (§240.12b-2 of this chapter).

Emerging growth company  ☐

If an emerging growth company, indicate by check mark if the registrant has elected not to use the extended transition period for complying with any new or revised financial accounting standards provided pursuant to Section 13(a) of the Exchange Act.  ☐




Item 8.01 Other Events.

On April 17, 2018, Sangamo Therapeutics, Inc. (the “Company”) announced a data security incident involving the compromise of a senior executive’s Company email account. Upon learning of the incident on March 28, 2018, external network security experts were promptly engaged, and the incident response team worked diligently to investigate the incident. The Company also promptly notified federal law enforcement of the incident. The investigation concluded that the incident was limited to the compromise of the senior executive’s Company email account for approximately 11 weeks. The investigation did not reveal any evidence that the Company’s network or other information technology systems were otherwise compromised in connection with the incident or that the incident resulted in the disclosure of or access to personal information about patients or other individuals besides the holder of the Company email account that was affected. However, proprietary, confidential and other sensitive information of the Company and other entities was accessed and may have been compromised as a result of the incident. The Company is continuing to analyze the effects of the incident, along with appropriate remediation of the Company’s information technology systems, and that analysis and the related remediation efforts could ultimately reveal that other Company information technology systems were compromised and/or that additional information was revealed or compromised.

In connection with the data security incident, the Company is also filing information for the purpose of supplementing and updating the risk factor disclosures contained in its prior public filings, including those discussed under the heading “Item 1A. Risk Factors” in the Company’s Annual Report on Form 10-K for the year ended December 31, 2017, filed with the SEC on March 1, 2018. The updated risk factor disclosures are filed herewith as Exhibit 99.1 and are incorporated herein by reference.


Item 9.01 Financial Statements and Exhibits.

(d) Exhibits






99.1    Updated Risk Factors


Pursuant to the requirements of the Securities Exchange Act of 1934, the Registrant has duly caused this report to be signed on its behalf by the undersigned hereunto duly authorized.

DATE: April 17, 2018


  Heather Turner
  Senior Vice President and General Counsel