HALO Branded Solutions (asi/356000), the second largest distributorship in the North American promotional products industry, has reported that it was hacked.

The digital criminals were able to gain access to – and acquire files containing – personal information stored in the Illinois-headquartered company’s systems, according to a letter HALO sent affected individuals at the end of March.

Such information reportedly included the names, dates of birth and social security numbers of thousands of people – particularly current and former employees, as well as independent contractors. No other individuals were affected, the company told ASI Media. The information had been provided to human resources for tax and benefits purposes.

HALO reported that the hacking occurred last November.

“Computer systems within our network were accessed by a sophisticated threat actor using techniques to evade detection by our information security defenses,” read the letter signed by HALO CEO Marc Simon, a member of Counselor’s Power 50 list of promo’s most influential people.

Simon continued: “Upon discovering the situation, we promptly took these systems offline, notified law enforcement and engaged cybersecurity experts to investigate.”

More Than
20%
Year over year increase in total number of data breaches in 2023 compared to 2022. (Harvard Business Review)

A data breach notification filed with the state of Maine, where reportedly some compromised individuals live, stated that a total of 7,305 people were affected by the cyberattack on HALO.

The company started its investigation into the incident in November. As research progressed, HALO more recently learned that files copied off of its servers contained the personal information of certain individuals.

Since the incident, HALO has worked with external cybersecurity experts to investigate what happened, with the purpose of strengthening its systems, according to Simon’s letter. The firm is also monitoring the “dark web” for information related to the breach.

“At this time, we are not aware of any actual or attempted misuse of personal information,” the HALO letter read.

Simon told ASI Media that HALO has been recovered from the breach for months. "Since early December, HALO has been operating normally and is confident the incident has been contained," Simon shared.

More Than
360 Million
The number of people during the first eight months of 2023 who were victims of corporate and institutional data breaches. (From research supported by Apple)

To help people whose information was illegally accessed, HALO is offering free fraud assistance for 12 months. It can help with questions surrounding identity theft, the company said. The services are by CyberScout through IdentityForce, which HALO described as a TransUnion company specializing in fraud assistance and remediation services.

HALO is also providing free access to Single Bureau Credit Monitoring, Single Bureau Credit Report and Single Bureau Credit Score services. “These services provide you with alerts for 12 months from the date of enrollment when changes occur to your credit file,” Simon’s letter read. “This notification is sent to you the same day that the change or update takes place with the bureau.”

Additionally, HALO offered identity protection best-practice tips. Individuals should: monitor their credit reports for any activity they do not recognize; place a fraud alert at one of three major credit bureaus – Experian, Equifax and TransUnion; put in place security freezes that will prevent a fraudster from opening new accounts or borrowing money in an identity theft victim’s name; and monitor financial account statements for fraudulent activity, following that up by reporting anything suspicious.

3X
The number of data breaches more than tripled between 2013 and 2022. (From research supported by Apple)

The Rise In Data Breaches

Research shows that data breaches increased more than 20% year over year in 2023 compared to 2022.

Cybersecurity expert Stuart Madnick, the John Norris Maguire Professor of Information Technologies in the MIT Sloan School of Management, says there are three primary reasons for the rise: Companies migrating to cloud storage/usage without proper safeguards; new types of ransomware attacks; and exploitation of more vendor systems.

In a Harvard Business Review article, Madnick wrote that ways to combat these ills include:

• Taking the “time needed to carefully verify that cloud storage is being correctly used.”
• Storing data on computers in encrypted format, “so that only you can read it. So, even if the attacker is able to exfiltrate your data, it cannot be read or used in blackmail.”
• Assessing the cybersecurity readiness of potential vendors
• Limiting data to which vendors have access

98%
of organizations have a relationship with a vendor that experienced a data breach within the last two years. (From research supported by Apple) 

HALO is far from the only promo products company to have been compromised by a cyberattack in recent years.

Like other businesses across industries, promotional products suppliers and distributors have increasingly been targeted and victimized by hackers. Top 40 suppliers that include Hit Promotional Products (asi/61125), alphabroder (asi/34063) and Bag Makers (asi/37940) have been among those to suffer breaches that disrupted business.

Stay vigilant: Con artists are posing as #promoproducts suppliers, targeting industry distributors with a malware-fueled scam.https://t.co/NbVzJB8yDh@asicentral

— Chris Ruvo (@ChrisR_ASI) March 22, 2024

Meanwhile, MV Sport/The Game (asi/68318) sustained an attack in September/October 2022. Aakron Line (asi/30270) dealt with a malware issue. HanesBrands (asi/59528) was compromised. Essent Corporation, a promo-focused business management platform, fell prey to an encryption attack in late 2022. Cybersecurity testing can help protect against attacks.

ASI Media has also reported extensively on an apparent rise in organized scammers trying to con industry firms into providing products for which the crooks will never pay. Another variant of the scheme was reported in March. Also last month, ASI Media shared that scammers are posing as promo suppliers to advance malware swindles.