SEC Filing Reveals Fortune 500 Firm Targeted in Ransomware Attack

Fortune 500 integrated services firm R.R.Donnelley & Sons (RRD) is the latest victim of the hacking collective known as the Conti Group. According to regulatory disclosures RRD was the victim of a network breach that resulted in stolen data in December. RRD, a global firm with 33,000 employees, disclosed incident details in its U.S. Securities and Exchange Commission (SEC) 8-K form – filed Dec. 27. The company said it “had recently identified a systems intrusion in its technical environment,” according to the filing. “The Company promptly implemented a series of containment measures to address this situation, including activating its incident response protocols, shutting down its servers and systems and commencing a forensic investigation,” the company disclosed. It also isolated a portion of its technical environment to try to contain the intrusion, the company said. RRD didn’t name the perpetrator of the attack in the filing. However, a published report in BleepingComputing claims it was Conti, citing an online post the cybercriminal group made claiming responsibility and leaking 2.5GB of data allegedly stolen from the company on Jan. 25. At first RRD said it was not aware of any data being stolen in the filing; however, the company revised this position and confirmed Wednesday in a separate SEC filing that data had been stolen in the attack, according to the BleepingComputer report. RRD is working with a third-party cybersecurity expert and law-enforcement in a continued…