fbpx

Hanesbrands Ransomware Attack and Data Breach Class Action

Hanesbrands, Inc. suffered a ransomware attack and data breach, which it allegedly discovered on May 24, 2022. The complaint for this class action blames Hanesbrands for this and alleges that the plaintiff in this case has suffered injuries including “eviction, due to fraudulent activity under her name; denial of an automobile-financing loan; over $15,000 of fraudulent charges; and identity theft that resulted in the unauthorized party attempting to open new financial accounts under her name.”

The class for this action is all persons whose private information was maintained on the Hanesbrands computer systems that were compromised in the data breach and who were sent a Notice of Data Breach letter by the company.

Hanesbrands, an international company with around 59,000 employees around the world, is aware of the danger of cyberattacks, the complaint alleges.

It quotes the company’s Global Code of Conduct as saying, “Data privacy laws cover how we must collect, store, use, share, transfer and dispose of personal information, and we comply with those laws everywhere we operate.” It also quotes another statement from that document as saying, “Hacks, intentional breaches and lax security are risks that we are all aware of and that we are right to worry about. Companies gather enormous amounts of personal data and consequently have an increased responsibility to protect that information.”

Even so, the complaint for this class action alleges the company “maintained the Private Information in a reckless manner … in a condition vulnerable to cyberattacks” and claims that the company bears responsibility for the exposure of private information that occurred.

The ransomware attack came in the form of an “encryption + exfiltration” attack, the complaint alleges, in which a hacker exfiltrates information from a system before encrypting it. “Once the data is exfiltrated from a network, its confidential nature is destoyed[,]” the complaint alleges, and the company should assume that it has been made available on the dark web.

According to the complaint, the company said it discovered the cyberattack on May 24, 2022 but did not send out its Notice letter to the individual victims until September 30, 2022, more than four months later.

The complaint claims that the information exposed included names, dates of birth, Social Security numbers, government-issued ID numbers, and financial account information.

The Notice letter omitted important information, the complaint alleges, such as “the details of the root cause of the Data Breach, the vulnerabilities exploited, whether [the Hanesbrands] system is still unsecured, why it took over four months to inform impacted individuals” and what has been done to ensured that no such breach occurs again.

Article Type: Lawsuit
Topic: Privacy

Most Recent Case Event

Hanesbrands Ransomware Attack and Data Breach Complaint

January 16, 2023

Hanesbrands, Inc. suffered a ransomware attack and data breach, which it allegedly discovered on May 24, 2022. The complaint for this class action blames Hanesbrands for this and alleges that the plaintiff in this case has suffered injuries including “eviction, due to fraudulent activity under her name; denial of an automobile-financing loan; over $15,000 of fraudulent charges; and identity theft that resulted in the unauthorized party attempting to open new financial accounts under her name.”

Hanesbrands Ransomware Attack and Data Breach Complaint

Case Event History

Hanesbrands Ransomware Attack and Data Breach Complaint

January 16, 2023

Hanesbrands, Inc. suffered a ransomware attack and data breach, which it allegedly discovered on May 24, 2022. The complaint for this class action blames Hanesbrands for this and alleges that the plaintiff in this case has suffered injuries including “eviction, due to fraudulent activity under her name; denial of an automobile-financing loan; over $15,000 of fraudulent charges; and identity theft that resulted in the unauthorized party attempting to open new financial accounts under her name.”

Hanesbrands Ransomware Attack and Data Breach Complaint
Tags: Exposing Private Information, Exposure to cyber crime, Your Privacy