The CEO of JBS said the decision to pay the ransom was difficult but necessary to prevent a potential risk for customers.
The world’s largest meat processing company says it paid the equivalent of $ 11 million to hackers who entered its computer system at the end of last month.
Brazil-based JBS SA said on May 31 that it had been the victim of a ransomware attack, but Wednesday was the first time the U.S. division of the company had confirmed it had paid the ransom.
“It was a very difficult decision to make for our society and for me personally,” said Andre Nogueira, CEO of JBS USA. “However, we thought this decision should be made to prevent any potential risk to our customers.”
JBS said the vast majority of its structures were operational at the time of payment, but decided to pay to avoid any unforeseen problems and ensure that no data was leaked.
The FBI has attributed the attack to REvil, a Russian-language gang that has made some of the largest ransomware requests recorded in recent months. The FBI said it will work to bring the group to justice and has ordered all victims of a cyberattack to contact the office immediately.
The attack targeted servers supporting JBS operations in North America and Australia. Production was disrupted for several days.
Earlier this week, the U.S. Department of Justice announced that it had recovered most of a multimillion-dollar bailout payment made by Colonial Pipeline, the operator of the nation’s largest fuel pipeline.
Colonial paid a ransom of 75 Bitcoin – then estimated at $ 4.4 million – in early May to a group of pirates based in Russia. The operation to seize the cryptocurrency reflects a rare victory in the fight against ransomware as U.S. officials clash to address a rapidly accelerating threat targeting the world’s critical industries.
It was not immediately clear if JBS even paid his ransom in Bitcoin.
JBS said it spends more than $ 200m annually on IT and employs more than 850 IT professionals worldwide.
The company said forensic investigations are still ongoing, but do not believe the data of companies, customers or employees is compromised.