PORTLAND, Ore. (KOIN) — The ransomware attack on McMenamins compromised internal employee data going back 24 years, all the way to January 1, 1998, company officials disclosed.
McMenamins first acknowledged it was the victim of a ransomware attack on December 15. They said no customer data was impacted.
But it is possible “the thieves accessed files containing direct deposit bank account information (of employees) as well, but McMenamins does not have a clear indication they did so,” they said in a statement.
Everyone who worked for McMenamins between July 1, 2010 and December 12, 2021 was sent a letter outlining the personal information that was stolen. People who worked between January 1, 1998 and June 30, 2010 should visit the McMenamins website for help and instructions.
McMenamins also set up a hotline for questions: 888.401.0552. They’re also offering past and current employees identity and credit protection services.
“We’re devastated our people need to do so, but we’re urging them to vigilantly monitor their accounts and healthcare information for anything unusual. They should immediately notify their financial institutions or health providers if they see anything out of sort,” said Brian McMenamin. “They should sign up immediately for free monitoring and identity theft protection. All the information is on our website, and we encourage them to call with any questions.”
All McMenamins remain open
Even though the phone system, credit card processing and hotel reservation system were affected, all McMenamins locations are open, company officials said. They are still able to accept credit cards through an on-site point of sale system, Dinerware.
But they are not sure when the issue will be resolved and all systems back up.
McMenamins officials said they are “cooperating with the FBI and working with a cybersecurity firm to identify the source and full scope of the attack, as well as implement security enhancements.”