A ransomware attack on the McMenamins dining and hospitality empire in the Pacific Northwest came along with a data breach covering 12 years of employee data, the organization has confirmed.
The Dec. 12 incident – which some have attributed to the Conti gang – forced McMenamins to shut down various operations, though locations can still receive customers.
This week, McMenamins confirmed that the cyberattackers made off with internal employee data for those working for the company between the dates of Jan. 1, 1998 and June 30, 2010. The affected data is a bouillabaisse of classic HR fare: names, addresses, telephone numbers, email addresses, dates of birth, race, ethnicity, gender, disability status, medical notes, performance and disciplinary notes, Social Security numbers, health insurance plan elections, income amounts, and retirement contribution amounts.
