Cyber Incident Victim: Hanesbrands Inc.
Date:
May 2022
Location:
United States of America
Summary
A ransomware attack disrupted HanesBrands' global supply chain operations, temporarily limiting order fulfillment capabilities for approximately three weeks. The incident negatively impacted quarterly financial results, with estimated losses of $100 million in net sales, $35 million in adjusted operating profit, and $0.08 in adjusted earnings per share. While the cyber event affected multiple business segments including Innerwear and Activewear sales, the company successfully shipped all seasonal back-to-school commitments on schedule. Operations were fully restored with no ongoing effects on product delivery or service capabilities following containment of the breach.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The ransomware attack on HanesBrands Inc. occurred in late May 2022, disrupting the company's global supply chain operations and order fulfillment capabilities for approximately three weeks. The cyber event temporarily paralyzed critical systems responsible for managing customer orders and distribution logistics across multiple regions. During this operational disruption, HanesBrands experienced significant challenges in processing and shipping products to wholesale partners and retail customers. The company estimated the incident reduced second-quarter net sales by $100 million, with adjusted operating profit declining by $35 million and adjusted earnings per share decreasing by $0.08. Despite these systemic interruptions, HanesBrands successfully fulfilled all Innerwear back-to-school seasonal commitments on schedule through contingency measures. The attack coincided with broader operational challenges including softer consumer demand, inflationary pressures, and foreign exchange rate volatility. By the time of their Q2 earnings announcement on May 24, 2022, management confirmed the ransomware incident had been contained with no residual operational impacts affecting product availability or customer service capabilities.
HanesBrands implemented immediate containment protocols that restored full operational functionality across their supply chain network following the three-week disruption window. The company's financial reporting highlighted the cyber event as a primary contributor to reduced Activewear segment performance, where Champion brand sales declined 25% year-over-year due to fulfillment constraints. Management characterized the ransomware attack as an unexpected external factor exacerbating existing macroeconomic headwinds during the quarter. No data breach or consumer information compromise was disclosed in the incident reporting. The company maintained its quarterly dividend payout and liquidity position despite the financial impacts, preserving $248 million in cash reserves and $720 million in available credit facilities. HanesBrands adjusted its full-year 2022 guidance to account for the attack's financial consequences alongside inventory management initiatives and foreign exchange pressures. The incident accelerated operational improvements under the Full Potential strategy, including distribution network optimizations and enhanced supply chain segmentation designed to mitigate future disruption risks.