Incident Details
SEC charges R.R. Donnelley for violating internal controls and disclosure laws due to a ransomware attack response, leading to data breach and $2.125M penalty.
Incident
How Did the Breach Happen?
RRD failed to effectively manage alerts from intrusion detection systems, allowing a ransomware attack to compromise their network.
What Data has been Compromised?
70 gigabytes of data were exfiltrated, including personal identification and financial information of 29 clients.
Why Did the company's Security Measures Fail?
Lack of timely response, insufficient resource allocation, failure to investigate alerts, and inadequate oversight of third-party security service provider.
What Immediate Impact Did the Breach Have on the company?
RRD had to shut down servers, notify clients and government agencies, pay a $2.125M civil penalty, and face SEC charges.
How could this have been prevented?
By properly managing alerts, conducting timely investigations, allocating resources effectively, and overseeing third-party service providers.
What have we learned from this data breach?
The importance of robust cybersecurity incident controls and procedures, timely response to alerts, clear communication, and effective oversight.
Summary of Coverage
R.R. Donnelley faced SEC charges and a $2.125M penalty for failing to respond effectively to a ransomware attack, highlighting the need for better cybersecurity measures.