JBS Holdings, the world’s largest meat company by revenue, paid $ 11 million for its bitcoin ransomware attack on May 30 to avoid further disruptions to its business.
As the Wall Street Journal reported on Wednesday, the payment was made to a group, REvil, that has left no trace of how they managed to infiltrate the company’s systems. The attack shares similarities with the Colonial Pipeline ransomware attack that occurred on May 14th.
According to the forensic analysis carried out by JBS, no customer, supplier or employee data was compromised in the attack.
Connected: US consumer prices are rising faster than expected in May
According to Andre Nogueira, CEO of the US division of JBS SA, the payment was made to cushion the impact of the attack on business operations and JBS partners, including restaurants, grocery stores and farmers.
“It was very painful to pay the criminals, but we did the right thing for our customers,” said Nogueira. The company boss also said the ransom was paid after most of the JBS plants were up and running.
JBS found out about the attack on May 30th after employees discovered anomalies on their servers. A message demanding a ransom in Bitcoin soon made it clear that JBS was reportedly dealing with a sinister actor.
See also: State of Crypto: Ransomware is a crypto problem
Connected: Bitcoin rallies from oversold levels; Stand up to resistance at $ 40K
Shortly thereafter, JBS alerted the U.S. Federal Bureau of Investigation while the company’s technology staff began shutting down the meat supplier’s systems to stop the attacker’s advance, Nogueira said.
Fortunately for the meat producer, JBS maintains secondary backups of its data, which is encrypted, Nogueira told the Journal. But while restoring its systems, JBS admitted paying the ransom to protect against further attacks from REvil.
“We didn’t think we could take that risk, that something could go wrong in our recovery process,” said Nogueira. “It was insurance to protect our customers.”