Meat and leather group JBS has confirmed that it had to pay a ransom of $11 million to the group responsible for a cyberattack on its US division at the end of May.

JBS USA said on June 3 that the attack, which affected its IT systems and prevented its operations from functioning fully, was over and that it had lost less than one full day of production. It said it expected to recover the lost volume within a week.

Later, on June 9, JBS USA issued another statement to confirm that it had paid the equivalent of $11 million as a ransom to the attackers. When payments of this kind take place, the attackers usually ask for crypto-currency.

“In consultation with internal IT professionals and third-party cybersecurity experts, the company made the decision to mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated,” JBS USA said. Chief executive, Andre Nogueira, said it had been a difficult decision but that the company chose to “prevent any potential risk for our customers”.

The company went on to say that, according to the FBI, the attack had come from one of the most specialised and sophisticated cyber-criminal groups in the world. JBS insisted there was no question of under-investment in IT on its part; the group spends more than $200 million annually on IT and employs more than 850 IT professionals globally. 

Image shows Andre Nogueira, chief executive of JBS USA.

Share this story: