McMenamins ransomware attack violated employee records 23 years ago
McMenamins employees who haven’t worked at the hotel and brewery chain since the Clinton administration gained access to personal information in a ransomware attack last month, according to the Portland-based company.
The attack violated current employee records and accessed information from former employees as early as 1998.
According to McMenamins, cybercriminals have potentially gained access to employee names, social security numbers, addresses, phone numbers, email addresses, dates of birth, income information, and performance and discipline records.
The company said it was “possible” for thieves to gain access to direct deposit information, including bank account numbers, but McMenamins said it couldn’t say for sure if that had happened.
While the channel informed employees who had worked for McMenamins since 2010 of the violation, it says it does not have contact details of employees who worked at the company between 1998 and 2010, so it has implemented a web page providing them with information.
“We are devastated by our people who have to do this, but urge them to vigilantly monitor their accounts and health information for anything unusual,” said Brian McMenamin, a family member who owns the channel, in a statement last week. .
The channel reiterated that it does not believe the hackers gained access to customers’ financial data, which is on a separate system from the one that was breached last month.
McMenamins has 56 hotels, theaters, bars and restaurants in Oregon and Washington. The company employs 2,700 people, but thousands more have worked for the chain in previous years.
McMenamins said he believed hackers breached his systems from December 7 and had access to them until the company found out about the attack on December 12. The company previously said it did not pay any ransom.
The attack disrupted the company’s phones, credit card processing and hotel reservations, but all of its locations remained open. However, many systems remain offline and McMenamins said they do not know when all systems will be restored.
Hotel guests have reported confusion and frustration with their reservations. McMenamins suggests that its clients call the properties directly for information on their reservations.
McMenamins provides credit monitoring and protection services to current and former employees, but if hackers gain access to birth dates, names and Social Security numbers, personal financial information could be endangered indefinitely.
Online detectives link the McMenamins attack to an obscure criminal organization called Conti. Federal law enforcement warned in September that Conti had struck more than 400 organizations in the United States and counted around the world by that time.