HanesBrands requests dismissals of ransomware lawsuits

The N.C. lawsuit, filed in federal Middle District Court on Oct. 13, has Nicole Toussaint as the plaintiff on behalf of current and former employees. The California lawsuit Roman vs. HanesBrands was filed Oct. 7 in the Central District.

Each plaintiff is requesting class-action status.

HanesBrands disclosed in a May 31, 2022, regulatory filing that it began experiencing the ransomware attack on May 24, 2022.

Ransomware is a type of malicious software employed by hackers that can block access to a computer system until a ransom is paid. In recent years, the targets have shifted from individuals to governments, companies, nonprofits and health care systems.

HanesBrands said the ransomware attack affected its global supply chain network and ability to fulfill customer orders for about three weeks. The attack resulted in a $35 million reduction in adjusted operating profit for the second quarter of fiscal 2022, while lowering adjusted earnings per share by 8 cents.

The main complaint allegation is that the ransomware attack contributed to a data breach of “certain highly sensitive personal and protected health information” that included name, address, date of birth, financial account information and government-issued identification numbers, and other health and employment accounts.

Toussaint said she wasn’t notified of the data breach until Aug. 16, 2022. Toussaint lives in Maine and was employed as an assistant manager from 2012 through 2018.

The suits ask for compensatory, punitive and other damages, as well as injunctive relief that requires HanesBrands “to strengthen its data security systems and monitoring procedures, submit to future annual audits of…