McMenamins

McMenamins operates as a regional brewery and hospitality chain within the United States. Its core business involves brewing beer and providing hospitality services, which includes managing restaurants, bars, and associated venues. The company utilizes point-of-sale systems for payment processing across its operations, indicating a retail and service-oriented model focused on customer-facing establishments. Gift card sales represent another facet of its customer engagement and revenue stream. While primarily focused on brewing and hospitality, the company maintains corporate functions requiring internal IT infrastructure like servers and workstations to support its business activities.

The company experienced a significant cybersecurity incident involving the Conti ransomware strain. This attack encrypted critical systems including servers, workstations, and point-of-sale terminals, severely disrupting normal operations. The breach necessitated an immediate shutdown of IT infrastructure and payment processing systems to contain the spread. While customer payment data handled by third-party processors was initially assessed as uncompromised, the attack potentially exposed sensitive employee information such as names, Social Security numbers, bank account details, and benefits records. In response to this potential exposure, McMenamins offered identity protection services to affected individuals. The incident forced a temporary shift to cash-only transactions and halted gift card sales, demonstrating the operational impact on its hospitality services. Although corporate data theft was suspected, it remained unconfirmed. McMenamins engaged cybersecurity experts and reported the incident to the FBI for investigation into its scope and origin.