Hanes class action alleges data breach exposed sensitive customer data

Hanes data breach class action overview: 

• Who: A former Hanes employee is suing the clothing retailer. 
• Why: The plaintiff says she and other employees’ private information was stolen by cybercriminals due to Hanes’ negligence with cybersecurity.
• Where: The Hanes data breach class action was filed in a California federal court.

A former Hanes employee is suing the clothing retailer, alleging she and other employees’ private information was stolen by cybercriminals due to the company’s negligence with cybersecurity.

Plaintiff Veronica Roman filed the class action lawsuit against Hanes brands Inc. on Jan. 16 in a California federal court, alleging negligence.

According to the lawsuit, Hanes was the target of a May 24, 2022, cyberattack that harmed potentially thousands of current and former Hanes employees.

Roman says the information leaked in the data breach included first and last names, Social Security numbers, dates of birth, government-issued identification numbers, addresses, information related to benefits and employment including certain health information, and financial account information. 

The breach was a direct result of Hanes’ failure to implement adequate and reasonable cyber-security procedures and protocols necessary to protect its employees’ information, the class action alleges.

“Defendant maintained the Private Information in a reckless manner,” the lawsuit states. “In particular, the Private Information was maintained on Defendant’s computer network in a condition vulnerable to cyberattacks.”

Hanes waited more than 4 months to inform victims of cyberattack, lawsuit alleges

Roman says she received a Sept. 30, 2022, letter notifying her of the breach, more than four months after the May 24 attack was detected.

She said she now faces eviction due to fraudulent activity under her name as a result of the cyber attack. 

She also faces denial of an automobile-financing loan, over $15,000 of fraudulent charges and identity theft that resulted in the unauthorized party attempting to open new financial accounts under her name, she alleges.

“Defendant could have prevented this Data Breach by, among other things, properly encrypting or otherwise protecting their equipment and computer files containing Private Information.”

Roman is looking to represent anyone whose private information was maintained on Hanes’ computer systems that were compromised in the data breach and who were sent a “Notice of the Data Breach” letter.

She is suing for negligence, breach of implied contract, invasion of privacy and unjust enrichment and seeks damages, reimbursement of out-of-pocket costs, and injunctive relief including improvements to Hanes’ data security systems, future annual audits, and adequate credit monitoring services. 

Meanwhile, a dozen plaintiffs claim they lost thousands of dollars after hackers broke into their 3Commas cryptocurrency accounts and made fraudulent transactions, according to a new data breach class action lawsuit. 

Was your private information exposed in this breach? Let us know in the comments!

The plaintiff is represented by Scott C. Harris of Milberg Coleman Bryson Phillips Grossman PLLC. 

The Hanes class action lawsuit is Veronica Roman et al., v. Hanesbrands Inc., Case No. 1:23-cv-00044 in the U.S. District Court for the Middle District of North Carolina. 

Read About More Class Action Lawsuits & Class Action Settlements:

• Meta files lawsuit claiming AI company scrapes, sells Facebook users’ data
• Life360 class action claims app sells user data
• Norton LifeLock data breach exposes data of thousands of customers
• Class action lawsuit claims Twitter API defect allowed data breach