data breach

Hanesbrands, Inc. Reveals Recent Ransomware Attack in SEC Filing

On May 31, 2022, Hanesbrands, Inc. (“Hanes”) filed an 8-K with the U.S. Securities and Exchange Commission disclosing that on May 24, 2022, it had “become subject to a ransomware attack.”

The ransomware group was not identified in the filing, nor did Hanes identify the data subject to the attack or whether it had decided to pay the ransomware. Hanes’ investigation and assessment of the event is described as “ongoing.”

Details at this time are sparse, with Hanes reporting that:

“As the Company is in the early stages of its investigation and assessment of this event, the Company cannot determine at this time whether or not such event will have a material impact on its business, operations or financial results.”

It is not clear at this time if the information subject to the ransomware attack is consumer personal information, employee information, or both.

Hanesbrands sells clothing under a number of well-known brand names, including Hanes, Champion, Bonds, Bali, Maidenform, Playtex, Bras N Things, JMS/Just My Size, Alternative, Berlei, Wonderbra, Gear for Sports, and Comfortwash. It has over 59,000 employees.

As explained in Hanes’ Annual Report for the fiscal year ended January 1, 2022,

“Any breach of our network or databases, or those of our third-party providers, may result in the loss of valuable business data, misappropriation of our consumers’ or employees’ personal information, or a disruption of our business [. . . ]”[1]

According to the Company, sometimes Hanes relies on information technology systems that are provided by third parties or their vendors. In the event of a breach, “such relationships and access may create difficulties in anticipating and implementing adequate preventative measures or fully mitigating harms after a breach.”

Stay Vigilant

If you are a consumer who has made a purchase from Hanes, or an employee of Hanesbrands, Inc., until more information is known about this ransomware attack, the prudent course of action is to remain vigilant about checking your credit card statements, obtaining copies of your credit reports, and monitor whether your personal information has been disclosed on the dark web through online services (some credit monitoring services provide for dark web monitoring).

 

[1] Hanes Brands Inc., Annual Report: Form 10-K for the Fiscal Year Ended January 1, 2022, p. 15.