Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Meat Company JBS Confirms it Paid $11M Ransom in Cyberattack

The world’s largest meat processing company says it paid the equivalent of $11 million to hackers who broken into its computer system late last month.

The world’s largest meat processing company says it paid the equivalent of $11 million to hackers who broken into its computer system late last month.

Brazil-based JBS SA said on May 31 that it was the victim of a ransomware attack, but Wednesday was the first time the company’s U.S. division confirmed that it had paid the ransom.

“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, the CEO of JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”

JBS said the vast majority of its facilities were operational at the time it made the payment, but it decided to pay in order to avoid any unforeseen issues and ensure no data was exfiltrated.

The FBI has attributed the attack to REvil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months. The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.

The attack targeted servers supporting JBS’s operations in North America and Australia. Production was disrupted for several days.

Earlier this week, the Justice Department announced it had recovered most of a multimillion-dollar ransom payment made by Colonial Pipeline, the operator of the nation’s largest fuel pipeline.

Colonial paid a ransom of 75 bitcoin–then valued at $4.4 million–in early May to a Russia-based hacker group. The operation to seize cryptocurrency reflected a rare victory in the fight against ransomware as U.S. officials scramble to confront a rapidly accelerating threat targeting critical industries around the world.

Advertisement. Scroll to continue reading.

[ReadColonial Pipeline CEO Explains $4.4M Ransomware Payment ]

It wasn’t immediately clear if JBS also paid its ransom in bitcoin.

JBS said it spends more than $200 million annually on IT and employs more than 850 IT professionals globally.

The company said forensic investigations are still ongoing, but it doesn’t believe any company, customer or employee data was compromised.

RelatedFBI Confirms REvil Ransomware Involved in JBS Attack

Related: Disruptions at Pan-American Life Likely Caused by Ransomware Attack

Related: REvil Ransomware Operator Bids for KPot Stealer Source Code

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.