Symantec Corp. (SYMC), the biggest maker of computer-security software, said it may be required to pay as much as $145 million in damages as a result of a U.S. government investigation into its sales and pricing practices.

The figure was disclosed in a meeting Symantec had with government representatives in January, where the company was informed about the assessment of its potential liability, Mountain View, California-based Symantec said in a regulatory filing yesterday.

Symantec said in 2012 that the civil divisions of the U.S. Department of Justice and the U.S. Attorney’s Office for the District of Columbia were investigating the company’s compliance with government-contracting rules.

“We are fully cooperating with the investigation and in January 2014 met with representatives of the government who presented us with an initial analysis of our actual damages exposure in the amount of approximately $145 million,” Symantec said in the filing. “We are currently in the process of evaluating the government’s initial analysis. It is possible that the investigation could lead to claims or findings of violations of the False Claims Act, and could be material to our results of operations and cash flows for any period.”

Symantec is “confident that we will reach resolution on this matter in a timely fashion,” Colleen Lacter, a company spokeswoman, said in a statement.