HALO, an Illinois-based advertising company, has experienced a significant breach, leading to the compromise of private data belonging to thousands of individuals. According to reports submitted to the Maine Attorney General, the breach occurred on November 22nd, 2023, but the affected clients were only notified on March 28th, 2024. Threat actors managed to infiltrate HALO’s computer systems, bypassing security defenses and accessing files containing sensitive information.
The data compromised includes personal information provided to HALO Human Resources for tax or benefits purposes, such as names, dates of birth, and Social Security numbers. A total of 7,305 individuals are reported to have been affected by the breach. In response to the incident, HALO has engaged external cybersecurity experts to conduct an investigation and is actively monitoring the Dark Web for any signs of data leaks.
Additionally, HALO has announced measures to support affected individuals, including offering credit and identity protection services free of charge for 12 months. Despite the breach, HALO reassures its clients of its commitment to security and states that it is working diligently to address the issue and prevent future occurrences. With over 40 offices worldwide and a workforce of more than 1,500 employees, HALO provides various services, including branded merchandise, uniform programs, and employee recognition solutions.
