The Illinois-based advertising company, HALO, has become the victim of a significant data breach, resulting in the unauthorized access and theft of private data belonging to thousands of individuals within the company’s systems. The breach, identified in a report to the Maine Attorney General, occurred on November 22nd, 2023, with affected clients notified on March 28th about threat actors accessing HALO’s computer systems. In total, 7,305 people were impacted by the breach, which involved the compromise of data provided to HALO Human Resources for tax or benefits purposes, including sensitive information such as names, dates of birth, and Social Security numbers.
HALO has responded to the breach by engaging external cybersecurity experts to investigate the incident and actively monitoring the Dark Web for any leaked data. Furthermore, the company has taken a proactive stance by offering credit and identity protection services to the affected individuals for 12 months, free of charge. With HALO’s extensive global presence, spanning more than 40 offices worldwide and employing over 1,500 individuals, the breach has raised concerns about the security of private data and the company’s ability to safeguard sensitive information. The company’s core activities revolve around providing branded merchandise, uniform programs, and employee recognition and incentive solutions, underscoring the need for robust security measures to protect sensitive employee and client data.
