Brewpub Chain Employees Victimized by Ransomware Hackers, Over 20 Years of Data Exposed

Natalie Colarossi

A hotel and brewpub chain in the Pacific Northwest was attacked by ransomware hackers who breached employee records and accessed personal information dating back to 1998.

McMenamins, a family-run chain of breweries, music venues, hotels and theater pubs throughout Oregon and Washington, was hit by a ransomware attack last month that may have affected up to 30,000 current and past employees.

“As soon as we realized what was happening, we blocked access to our systems to contain the attack. It appears that cybercriminals gained access to company systems beginning on December 7 and through the launch of the ransomware attack on December 12,” McMenamins said in a recent statement.

“During this time, they installed malicious software on the company’s computer systems that prevented us from using or accessing the information they contain.”

The cyber attackers may have accessed employee names, Social Security numbers, addresses, phone numbers, emails, birth dates, income information, healthcare records, and performance and disciplinary records, according to the company. McMenamins said they are uncertain whether or not the attackers gained access to direct deposit or banking information, but that it remains a possibility.

Now, the brewpub chain is working to notify thousands of current and past employees about the breach. So far, McMenamins said it has contacted at least 14,000 people who worked for the company starting from 2010, The Oregonian reported. However, the company said it does not have contact information of employees who worked from 1998 to 2010 and has instead set up a webpage of resources for those who may have been affected.

“We’re devastated our people need to do so, but we’re urging them to vigilantly monitor their accounts and healthcare information for anything unusual,” Brian McMenamin said in a statement last week.

The chain said that while employee information has been accessed, it does not believe the hackers were able to access customer data. That information is stored on a separate software system.

The attack is now under investigation by the FBI and has forced McMenamins to shut down some online systems. Because of that, the company said it has been experiencing issues with hotel reservations and customer service.

“Our IT specialists are working hard to restore them, and we ask for your patience if you are trying to make hotel reservations, waiting for responses from staff, or any other correspondence with us at McMenamins,” the company stated last month.

McMenamins currently employs 2,700 people across 62 hotels, theaters, bars and restaurants in Oregon and Washington.

Subscribe to Our Newsletter Today.

Cybersecurity Newsletter — Stay Informed

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox.

Helping clients achieve a resilient cyber defense posture to continue operating their businesses regardless of the cyber threats they face.

Departments

Terms and Conditions | Privacy Policy

© 2022 CyberSecure IT . All rights reserved.