JBS USA, the meat producer recently hit with a ransomware attack, paid the equivalent of $11 million in ransom to attackers, its leadership has confirmed.
Andre Nogueira, CEO of JBS USA, said in a statement that the decision to pay was made after consulting with internal IT professionals and third-party cybersecurity experts. The company made the decision to "mitigate any unforeseen issues related to the attack and ensure no data was exfiltrated." At the time of payment, the vast majority of the company's facilities were operational.
"This was a very difficult decision to make for our company and for me personally," Nogueira said. "However, we felt this decision had to be made to prevent any potential risk for our customers."
JBS USA also noted it was able to quickly mitigate the effects of the attack due to its "cybersecurity protocols, redundant systems and encrypted backup servers." JBS spends more than $200 million annually on IT and employs more than 850 IT professionals, according to the statement.
The full statement from JBS can be found here.