[BreachExchange] McMenamins the victim of ransomware attack; employee data potentially stolen

Terrell Byrd terrell.byrd at riskbasedsecurity.com
Fri Dec 17 10:14:55 EST 2021


https://www.kptv.com/news/mcmenamins-the-victim-of-ransomware-attack-employee-data-potentially-stolen/article_ee5c9e78-5e9c-11ec-a892-fb74bc33dac2.html


PORTLAND, Ore. (KPTV) – McMenamins has been the target of a ransomware
attack, potentially leaking employee data across all of the 56 locations in
Oregon and Washington.

The attack was first identified and blocked on Sunday, McMenamins said in a
release. The company added at this time they don’t believe any customer
data was impacted, however, it’s possible internal employee data may have
been compromised.

Potentially exposed employee information includes: names, addresses, email
addresses, telephone numbers, dates of birth, social security numbers,
direct deposit bank account information and benefits records.

“To provide employees with peace of mind, McMenamins will be offering
employees identity and credit protection services, as well as a dedicated
help line through Experian,” McMenamins said Wednesday.

Because of the attack, the company said many of its operational systems are
currently down including corporate email accounts and credit card scanners.
Gift card purchases are unavailable at some properties as well.

“What makes this breach especially disheartening is that it further adds to
the strain and hardship our employees have been through in the past two
years,” said Brian McMenamin. “We ask that our customers give our employees
extra grace as we make temporary adjustments in the way we process
transactions and reservations, given the impacts to our systems by this
breach. We are hopeful that this holiday season will mark a positive
turning point for all of us and appreciate the patience and understanding
of our loyal customers and partners.”

McMenamins has reported the incident to the FBI and said they are working
with a cybersecurity firm to identify the source and full scope of the
attack.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20211217/554bdfea/attachment.html>


More information about the BreachExchange mailing list