McMenamins Data Breach Affects 12 Years of Employee Info

The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack.

A ransomware attack on the McMenamins dining and hospitality empire in the Pacific Northwest came along with a data breach covering 12 years of employee data, the organization has confirmed.

The Dec. 12 incident – which some have attributed to the Conti gang – forced McMenamins to shut down various operations, though locations can still receive customers. McMenamins is known for saving and restoring historic buildings throughout Oregon and Washington state and for giving them new lives as eclectic pubs, restaurants, breweries, hotels, movie theaters, concert venues, spas and more. In fact, 20 of its locations are on the National Register of Historic Places.

This week, McMenamins confirmed that the cyberattackers made off with internal employee data for those working for the company between the dates of Jan. 1, 1998 and June 30, 2010. The affected data is a bouillabaisse of classic HR fare: names, addresses, telephone numbers, email addresses, dates of birth, race, ethnicity, gender, disability status, medical notes, performance and disciplinary notes, Social Security numbers, health insurance plan elections, income amounts, and retirement contribution amounts.

The data could

Read More: