Decades-Old Employee Data Compromised in Hospitality Chain Attack
Pacific Northwest hospitality chain McMenamins confirmed internal employee data dating back to January 1998 was compromised in a ransomware attack it blocked Dec. 12.
Stolen data potentially included: names, addresses, telephone numbers, email addresses, dates of birth, race, ethnicity, gender, disability status, medical notes, performance and disciplinary notes, Social Security numbers, health insurance plan elections, income amounts and retirement contribution amounts. The attackers also may have accessed files containing direct deposit bank account information as well, but McMenamins does not have a clear indication they did so.
The company said no customer payment data was impacted. It’s cooperating with the FBI and working with a cybersecurity firm to identify the source and full scope of the attack, as well as implement security enhancements.
John Bambenek is principal threat hunter at Netenrich.
“Ransomware operators continued to operate over our holidays attacking organizations large and small,” he said. “These attacks show no one is safe from their reach and that newer groups are starting to form to get into the space. These breaches will continue until governments solve the fundamental problem, that if you live in certain parts of the world, you can attack others without fear of consequences.”
