Close this search box.
Blog » News » R.R. Donnelley and Sons given a $2.1m charge amid data security concerns

R.R. Donnelley and Sons given a $2.1m charge amid data security concerns

R.R. Donnelley charged $2.1m

R.R. Donnelley & Sons Company (RRD) has been at the center of a data security case, a matter of significant regulatory concern, brought forward by the Securities and Exchange Commission (SEC).

The marketing and communications service provider has been charged with internal control failure in relation to a series of 2021 cybersecurity incidents. The investigation was led by Arsen Ablaev of the SEC Crypto Assets and Cyber Unit and Christine S. Bautista of the SEC Chicago Regional Office, underscoring the seriousness of the case.

R.R. Donnelley & Sons in cybersecurity case

R.R. Donnelley’s business is centered around digital standards and cybersecurity. The company has a broad portfolio of public and private sector clients across healthcare, education, legal services, and retail.

So, it would be assumed that a leading name could safeguard sensitive data, but the SEC investigation found the company lacking in many departments. The SEC order found that the company and the third-party contractors hired to build solutions did not have effective disclosure controls and procedures to report relevant cybersecurity information.

As a result, stakeholders and decision-makers at RRD were left unable to make informed decisions on security concerns and breaches in a “timely manner”, highlighting the real-world implications of the company’s data security shortcomings.

“RRD’s controls for elevating cybersecurity incidents to its management and protecting company assets from cyberattacks were insufficient,” said Jorge G. Tenreiro, Acting Chief of the Crypto Assets and Cyber Unit. “RRD did, however, cooperate with our investigation in a meaningful way, which is reflected in the terms of this settlement.”

RRD cooperates with the SEC

The company received positive feedback for being transparent during the investigation. The SEC report stated that RRD “cooperated throughout the investigation, including by reporting the cybersecurity incident to staff prior to filing a disclosure of the incident, by providing meaningful cooperation that helped expedite the staff’s investigation, and by voluntarily adopting new cybersecurity technology and controls.”

However, RRD was found guilty of breaching Section 13(b)(2)(B) of the Securities Exchange Act (SEA) of 1934 and Exchange Act Rule 13a-15a.

The company did not oppose the SEC’s findings and agreed to pay a civil penalty of $2,125,000. RRD has also stated that it will no longer be in breach of the SEA and hopes to rectify these shortcomings.

Image: Ideogram.

About Due’s Editorial Process

We uphold a strict editorial policy that focuses on factual accuracy, relevance, and impartiality. Our content, created by leading finance and industry experts, is reviewed by a team of seasoned editors to ensure compliance with the highest standards in reporting and publishing.

Financial News Writer and Editor
Brian-Damien Morgan, an accomplished journalist and features writer, boasts a rich career that has evolved across various media platforms. With extensive experience in the print sector of several UK newspapers, Brian transitioned seamlessly into the realm of digital broadcasting and specialized financial content creation. Brian now focuses on finance, technology, legal matters, and the wide spectrum of money-related topics.

About Due

Due makes it easier to retire on your terms. We give you a realistic view on exactly where you’re at financially so when you retire you know how much money you’ll get each month. Get started today.


Top Trending Posts

Due Fact-Checking Standards and Processes

To ensure we’re putting out the highest content standards, we sought out the help of certified financial experts and accredited individuals to verify our advice. We also rely on them for the most up to date information and data to make sure our in-depth research has the facts right, for today… Not yesterday. Our financial expert review board allows our readers to not only trust the information they are reading but to act on it as well. Most of our authors are CFP (Certified Financial Planners) or CRPC (Chartered Retirement Planning Counselor) certified and all have college degrees. Learn more about annuities, retirement advice and take the correct steps towards financial freedom and knowing exactly where you stand today. Learn everything about our top-notch financial expert reviews below… Learn More