McMenamins Ransomware Incident

December 17, 2021
You may have seen the news that McMenamins suffered a cyberattack similar to those carried out around the world on Sunday, December 12, 2021. We are working to determine what and how it happened and are cooperating with the FBI investigation into the attack. In order to protect our software and information, some systems had to be shut down. Our IT specialists are working hard to restore them, and we ask for your patience if you are trying to make hotel reservations, waiting for responses from staff, or any other correspondence with us at McMenamins. In the meantime, please refer to our FAQs:

What happened?

Despite security measures, McMenamins suffered a ransomware attack. This means that an unauthorized person deployed malicious software on the company’s systems, and to contain the attack, McMenamins was forced to shut down systems.

Do you suspect that customer information has been used fraudulently?

We do not store customer credit card information and have not seen indication that customers were affected.

I have a hotel reservation/private event booking/other that I need to talk to some at McMenamins about. What should I do?

Questions about hotel reservations: While our system is down, please fill out our online form. Some hotels have access to phone lines which you can call directly; phone numbers for these locations can be found on our website. Please understand that staff are taking many calls at this time.
Questions about private events through our onsite sales teams: Call the location directly; phone numbers for each location can be found on our website. Our email is not operable at this time.

Where can I buy or redeem a gift card?

Because systems are temporarily unavailable at some locations, gift cards can only be purchased or redeemed at certain places at this time:
Gift shops
Hotels, except White Eagle
23rd Avenue Bottle Shop
Broadway Pub
Chapel Pub
East 19th Cafe
Fulton Pub & Brewery
High Street Brewery & Café
John Barleycorns
Lighthouse Brewpub
Mall 205
North Bank

I am a vendor or McMenamins partner and need to get in touch with a staff member about specific business. What should I do?

Call staff members directly or call our Headquarters office at (503) 223-0109. If you recently submitted invoices to us via email at accountspayable@mcmenamins.com, we ask that you resend those documents along with statements of open invoices on our accounts to the same email, beginning Monday, December 20 so we can work through processing new charges as quickly as possible.

What about McMenamins employees?

We do not know if employee information was actually accessed or copied, but in an abundance of caution, we are working under the assumption that it was and providing every employee with access to identity and credit protection and monitoring services.

How could something like this happen?

We had security safeguards in place and a dedicated IT group that works to protect our systems and the information on them. Somehow hackers bypassed our security controls, and we are in the process of investigating how it happened.

What is McMenamins doing in response to the incident and to prevent similar actions in the future?

After discovering the attack, we restricted system access and are in the process of investigating. We are working closely with a team of cybersecurity experts, and we have notified the FBI and are cooperating with their investigation. McMenamins has been in the processing developing an enhanced cybersecurity plan and is accelerating that process, with assistance from cybersecurity experts. 

What can I do to protect my information?

We do not keep records of customer credit card numbers, and we have not seen any indicators that customers were affected. However, everyone should always be vigilant when receiving and responding to correspondence or inquiries from unknown sources and monitor financial accounts and personal information regularly for any unusual activity.