McMenamins Confirms Employee Data Compromised in Ransomware Attack, Offers ID Protection & Credit Monitoring Services

McMenamins Confirms Employee Data Compromised in Ransomware Attack, Offers ID Protection & Credit Monitoring Services

McMenamins confirmed internal employee data dating back to January 1, 1998, was compromised in the malicious ransomware attack it blocked Dec. 12. McMenamins is offering past and current employees identity and credit protection services, as well as a dedicated call center to answer questions about the attack.

Letters detailing the personal information stolen and how individuals can protect their identity and credit were sent to all individuals employed by the company between July 1, 2010 and December 12, 2021. Past employees between January 1, 1998 and June 30, 2010 are urged to visit the company’s website for support and detailed instructions on how to protect their data. A hotline has been established for additional questions: (888) 401-0552.

Stolen data potentially included: names, addresses, telephone numbers, email addresses, dates of birth, race, ethnicity, gender, disability status, medical notes, performance and disciplinary notes, Social Security numbers, health insurance plan elections, income amounts, and retirement contribution amounts. It’s possible that the thieves accessed files containing direct deposit bank account information as well, but McMenamins does not have a clear indication they did so.

“We’re devastated our people need to do so, but we’re urging them to vigilantly monitor their accounts and healthcare information for anything unusual. They should immediately notify their financial institutions or health providers if they see anything out of sort,” said Brian McMenamin. “They should sign up immediately for free monitoring and identity theft protection. All the information is on our website, and we encourage them to call with any questions.”

McMenamins first shared it had been the victim of a ransomware attack on Dec. 15. No customer payment data was impacted. The family-owned company is cooperating with the FBI and working with a cybersecurity firm to identify the source and full scope of the attack, as well as implement security enhancements.

All McMenamins properties remain open despite the breach. Many operational systems, including its phone system, credit card processing and hotel reservation system, were affected. Guests are being thanked for their patience and asked to call the property directly for information on bookings, and to wait until the new year for later bookings. All McMenamins locations are securely accepting credit cards through the Dinerware, an on-site point of sale system. Gift card purchases and redemptions are impacted at some properties, but the online store at remains operational. Customers are encouraged to make gift card purchases online for the time being.

For more such updates follow us on Google News ITsecuritywire News