January 29, 2020
Bag Makers Fully Operational After Malware Attack
Hackers struck the Top 40 supplier on Jan. 13, but critical business systems have now been restored.
Bag Makers (asi/37940), a Top 40 promotional products supplier, said Wednesday that it has resumed full operations following a Jan. 13 malware attack on its information technology systems.
The Union, IL-based company, which is Counselor’s 2020 Supplier of the Year, said that most critical business systems have been restored. These include phones, email, website, ERP business software, and shipping. “Customers can contact the company through normal communication channels for quotes, orders, and order status inquiries,” Bag Makers said in a statement.
As Bag Makers grappled with the malware over the last two weeks, the firm was still able to manually process, produce and ship orders, despite not having certain key systems operational.
“Our IT team and third-party consultants worked tirelessly and around the clock to restore our systems and ensure all systems are now free of the malware,” CEO Maribeth Sandford said. “We are grateful to these dedicated team members for their expertise and problem-solving approach. We also want to thank our entire staff, who implemented creative and smart ways to continue working and keep orders moving for customers despite the challenges we faced. Finally, we want to thank our customers and friends in the industry for the outpouring of support and patience shown as we worked to resolve this difficult situation.”
While systems are again operational, Bag Makers noted that it is working through the backlog of manually-processed orders that need to be finalized and entered into its electronic system. The company is also continuing to process new orders. “Customers should anticipate short-term processing and invoicing delays until this backlog is resolved,” Bag Makers said in statement. “In addition, while the company is not yet guaranteeing standard production times, it is working hard to maintain established timeframes and will contact customers if there are issues meeting a requested ship date.”
With reported 2018 North American promotional product revenue of $56.1 million, Bag Makers ranked 27th on Counselor’s latest list of the largest suppliers in the industry.
The malware offensive on Bag Makers is one of a growing number of hacker attacks on companies in the $25.8 billion promotional products industry.
In October 2019, alphabroder (asi/34063), promo’s largest supplier, suffered a malware attack that temporarily crippled its order processing and shipping platform. Ultimately, the Trevose, PA-based company paid a ransom in connection with the cyber assault.
Then, in November, two Top 40 distributors fell prey to a phishing scam that swindled the firms out of more than $100,000 combined. In the deviously subtle scheme, the hackers emailed the distributors from an email address featuring a domain that was nearly identical – but for one letter – to the legitimate email address for a Top 40 supplier. The crooks lied that the supplier had changed banks. They instructed that future automated clearing house payments – electronic payments and automated money transfers that don’t involve wire transfers, credit card networks or cash – be remitted to the new bank accounts. Unfortunately, several distributors fell for the ruse.
Over the last year-and-a-half or so, other industry firms have also been hacked. In April 2018, Top 40 supplier Hit Promotional Products (asi/61125) was the victim of a malware attack that disrupted its computer systems. Around the same time, other firms fell prey to a phishing scam in which hackers, posing as customers, got employees to click on corrupted links that launched malware.