Hanesbrands Inc. said an unauthorized user recently accessed a
database containing information on customer orders, becoming the
latest major corporation hit by hackers.
The company said the hackers were able to access general
customer information, like names, addresses and phone numbers. The
data exposed didn't include full credit-card numbers, but may have
included the last four digits of the cards, Hanesbrands spokesman
Matt Hall said Wednesday.
Mr. Hall said the orders were viewable due to a vulnerability of
the software that handles online orders placed through Hanes.com.
Essentially, the intruder was able to trick the system into
exposing the order status, he said. The company believes the
intruder was only able to access the order status for about a week
at the end of June and beginning of July, Mr. Hall added.
Mr. Hall said the hacker wasn't able to enter corporate systems.
The company said it has fixed the problem and notified some 900,000
customer about what happened.
"We're not happy that it happened," Mr. Hall said. "We're very
satisfied that critical data wasn't available."
Hanesbrands, which sells Hanes, Champion and other clothing
brands, joins a long list of corporations whose data has been
stolen by hackers, including Home Depot Inc., Neiman Marcus Group
Ltd. and Target Corp. Those incidents stole tens of millions of
credit-card numbers and personal data like names and addresses.
Write to Paul Ziobro at Paul.Ziobro@wsj.com