McMenamins disclosed that employee data dating back to January 1, 1998, was compromised in a data restoration ransomware attack.
- McMenamins discloses 12 years of employee data in a data breach.
- The company added that customer financial data was not affected.
McMenamins disclosed that employee data dating back to January 1, 1998, was compromised in a data restoration ransomware attack.
McMenamins is a family-owned chain of brewpubs, music venues, breweries, historic hotels, and theatre pubs in Oregon and Washington.
According to the company, the threat actors have stolen data of individuals employed between July 1, 2020, and December 12, 2021.
Past employees between January 1, 1998, and June 30, 2010, are advised to visit the company’s website for support and detailed instructions on protecting their data.
The stolen data includes names, addresses, contact numbers, email addresses, date of birth, ethnicity, status, race, medical notes, gender, disability, performance and disciplinary notes, health insurance plan elections, social security numbers, retirement contribution amounts and income amounts.
The company also states that threat actors likely accessed files containing direct deposit bank account information.
Even though McMenamins remained open despite the security breach, many operational systems, including its phone system, credit card processing and hotel reservation system, were impacted by ransomware attacks.
“All McMenamins locations securely accept credit cards through the Dinerware, an on-site point of sale system. Gift card purchases and redemptions are impacted at some properties,” concludes the data breach notification.
McMenamins provides identity and credit card monitoring services to past and current employees.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?