McMenamins Reports Data Breach

A cyber-attack on American hospitality chain McMenamins may have exposed data belonging to its current and former employees. 

The business, which owns and operates brewpubs, breweries, music venues, historic hotels, and theater pubs in Oregon and Washington, issued a data breach notice after suffering a ransomware attack.

Suspicious activity was identified in the company's computer network on December 12. 

"As soon as we realized what was happening, we blocked access to our systems to contain the attack that day," states McMenamins in a data breach notice updated on December 30. 

"It appears that cybercriminals gained access to company systems beginning on December 7 and through the launch of the ransomware attack on December 12."

The company went on to say that the installation of malicious software on its computer systems prevented staff from accessing company files and data. 

An investigation into the security incident has determined that the perpetrators "stole certain business records," including payroll data and human resources files, "for at least some individuals" who worked for McMenamins between January 1, 1998, and June 30, 2010. 

McMenamins said: "We have not been able to recover these files or contact information for these previous employees. Out of abundance of caution and for the purposes of providing this notice and credit monitoring support, we are assuming that all previous employees during this time period were potentially affected."

The unidentified ransomware gang behind the attack also stole human resources files containing the personal data of individuals employed by McMenamins between July 1, 2010, and December 12, 2021.

The affected files potentially contained employees' names, addresses, telephone numbers, email addresses, dates of birth, ..

Support the originator by clicking the read the rest link below.