Crystal D (asi/47759) is back in the game.

The Minnesota-based supplier of crystal awards and gifts said on April 7 that it was fully operational again following a recent cyberattack that temporarily knocked out communication with customers and otherwise affected the use of systems.

The firm noted that it undertook a painstaking evaluation to ensure data security and more before bringing systems completely back online. Crystal D said that there was no evidence that the criminals accessed sensitive customer information.

“We are thankful for the quick response of our information security team, as well as our outside partners who painstakingly combed through everything to ensure the integrity of our systems,” said Mike Irvine, Crystal D’s executive vice president and chief operating officer. “Their expertise is one of the many silver linings we are grateful to have had during a stressful time.”

When the hacking commenced in early March, Crystal D said it immediately took its systems offline. Initially, Crystal D was incapable of accessing phones and email accounts. Communication between Crystal D and its customers was down beginning around 7 a.m. Central Time on March 7.

“We received care packages, we had customers who moved and shifted their dates to help us prioritize the most urgent projects, and we had support from direct competitors. We are deeply thankful and will never forget all of the help.” Bridget Dahlgren, Crystal D (asi/47759)

By March 12, Crystal D could once again communicate with customers and process orders, but the firm was continuing to work through fallout related to the cyber assault. Executives said the work of Crystal D team members and the support of promotional products professionals from throughout the industry was amazing.

“Our Memory Makers [employees] went infinitely above and beyond the call to ensure our customers’ orders were managed as best as possible despite the speed bumps caused by working offline,” Irvine said. “Hearing from our friends outside Crystal D who said they’re here for us, and knowing they were extending grace, meant the world.”

Workers had to provide quotes and enter orders manually for a time as part of old-school efforts to keep business moving – but moving they indeed kept it. Crystal D said it produced and shipped 97.25% of orders received during the outage on time.

“We received care packages, we had customers who moved and shifted their dates to help us prioritize the most urgent projects and we had support from direct competitors,” said Bridget Dahlgren, executive vice president of marketing and sales. “We are deeply thankful and will never forget all of the help, patience and understanding expressed to us.”

Good News: Following a #cyberattack, #promoproducts supplier Crystal D is making progress. The St. Paul-based company can communicate with customers and process orders again, but continues to work through issues related to the breach. https://t.co/7Be3g9hS69

— Chris Ruvo (@ChrisR_ASI) March 12, 2025

Cybersecurity in the promotional products industry has become a major issue, with cyberattacks being at the forefront of industry executives’ concerns.

At the 2024 ASI Power Summit, industry leaders acknowledged in a panel discussion that cyber assaults have become a substantial business risk, and that large portions of their information technology budgets go toward protecting their companies against such incursions by digital criminals. Cybersecurity insurance rates have reportedly soared.

Promo firms of all sizes have suffered attacks. In recent years, for instance, Counselor Top 40 supplier Bag Makers (asi/37940) sustained a devastating assault, while Counselor Top 40 distributor Staples Promotional Products (asi/120601) endured an apparent hacking.

A 2019 hacking at Counselor Top 40 firm alphabroder (asi/34063) led to a ransom payment. Counselor Top 40 supplier Hit Promotional Products (asi/61125) contended with what was described as a cybersecurity incident in March of 2023.

Meanwhile, MV Sport/The Game (asi/68318) suffered an attack in September/October 2022. Aakron Line (asi/30270) dealt with a malware issue. HanesBrands (asi/59528) was compromised. Essent Corporation, a promo-focused business management platform, fell prey to an encryption attack in late 2022. Hackers infiltrated a Cisco merch store in September.