The world’s largest meat processing company says it paid the equivalent of $11 million to hackers who broken into its computer system late last month.
Brazil-based JBS SA said on May 31 that it was the victim of a ransomware attack, but Wednesday was the first time the company’s U.S. division confirmed that it had paid the ransom.
“This was a very difficult decision to make for our company and for me personally,” said Andre Nogueira, the CEO of JBS USA. “However, we felt this decision had to be made to prevent any potential risk for our customers.”
JBS said the vast majority of its facilities were operational at the time it made the payment, but it decided to pay in order to avoid any unforeseen issues and ensure no data was exfiltrated.
The FBI has attributed the attack to REvil, a Russian-speaking gang that has made some of the largest ransomware demands on record in recent months. The FBI said it will work to bring the group to justice and it urged anyone who is the victim of a cyberattack to contact the bureau immediately.
The attack targeted servers supporting JBS’s operations in North America and Australia. Production was disrupted for several days.
Earlier this week, the Justice Department announced it had recovered most of a multimillion-dollar ransom payment made by Colonial Pipeline, the operator of the nation’s largest fuel pipeline.
Colonial paid a ransom of 75 bitcoin–then valued at $4.4 million–in early May to a Russia-based hacker group. The operation to seize cryptocurrency reflected a rare victory in the fight against ransomware as U.S. officials scramble to confront a rapidly accelerating threat targeting critical industries around the world.
[Read: Colonial Pipeline CEO Explains $4.4M Ransomware Payment ]
It wasn’t immediately clear if JBS also paid its ransom in bitcoin.
JBS said it spends more than $200 million annually on IT and employs more than 850 IT professionals globally.
The company said forensic investigations are still ongoing, but it doesn’t believe any company, customer or employee data was compromised.
Related: FBI Confirms REvil Ransomware Involved in JBS Attack
Related: Disruptions at Pan-American Life Likely Caused by Ransomware Attack
Related: REvil Ransomware Operator Bids for KPot Stealer Source Code

More from Associated Press
- Russian Millionaire on Trial in Hack, Insider Trade Scheme
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
- South Dakota’s Noem Says Cell Phone Number Hacked
- Learning to Lie: AI Tools Adept at Creating Disinformation
- Microsoft Invests Billions in ChatGPT-Maker OpenAI
- Mississippi Creates New Cyber Unit, Names 1st Director
- FBI Chief Says He’s ‘Deeply concerned’ by China’s AI Program
- Ransomware Shuts Hundreds of Yum Brands Restaurants in UK
Latest News
- Russian Millionaire on Trial in Hack, Insider Trade Scheme
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
- Russia-Linked APT29 Uses New Malware in Embassy Attacks
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
