JBS Foods, the world’s largest meat supplier, said Wednesday that the company paid $11 million in bitcoin to hackers to resolve the ransomware attack that disrupted much of its operations in North America and Australia.
The meat-producing giant said that it paid the sum to ransomware attackers to “mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated.”
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, chief executive of Brazilian meat company JBS SA’s U.S. division. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
Nogueira told The Wall Street Journal that while it was “very painful” to pay the cybercriminals behind the attack, “we did the right thing for our customers.”
The payment was made to the hackers after the majority of JBS plants were operating again, he said. JBS said on June 3 that it had resumed normal operations at all of its global facilities.
Third-party forensic investigations are still ongoing, and no final determinations have been made, the company said in its statement. No company, customer, or employee data was compromised in the attack, based on forensic analysis, JBS said.
“We didn’t think we could take this type of risk that something could go wrong in our recovery process,” Nogueira told WSJ of the company’s decision to pay the cybercriminals. “It was insurance to protect our customers.”
The FBI said last week that Russia-linked hacking group REvil—also known as Sodinokibi—was behind the ransomware attack that disrupted operations at JBS.
The prolific ransomware group earlier this year was behind an attack on an Apple Inc. supplier named Quanta Computer. It has previously marketed stolen data on cybercrime forums in Russian.
Following the attack on Quanta Computer, REvil sent extortion threats and demanded a payment of $50 million for the company to regain access to its systems.
Brazil-based JBS Foods has operations in 15 countries and customers in approximately 100 countries, according to the company’s website. Its plants are responsible for approximately 25 percent of America and Australia’s processing capacity.
The cyberattack on JBS Foods comes less than a month after Colonial Pipeline, a major fuel transporting system along the U.S. East Coast, was breached via a ransomware attack that FBI officials believe originated in Russia and Eastern Europe.
White House press secretary Jen Psaki said last week that she expects President Joe Biden will discuss the incident with Russian President Vladimir Putin at the June 16 summit in Geneva, Switzerland.