GREELEY, Colo. — JBS USA, one of the world’s largest meat producers, announced Wednesday they are on schedule to resume production at all of their facilities Thursday following a cyberattack.
The Sunday “organized cybersecurity attack” is affecting the company’s North American and Australian information technology systems, according to the company, whose U.S. headquarters are in Greeley.
In the announcement from JBS USA and Pilgrim’s, the company has made “significant progress in restoring our IT systems and returning to business as usual,” and that it anticipated operating at close to full capacity Thursday.
“Today, the vast majority of our facilities resumed operations as we forecast yesterday, including all of our pork, poultry and prepared foods facilities around the world and the majority of our beef facilities in the U.S. and Australia,” Andre Nogueira, JBS USA CEO, said in the statement.
On Thursday, JBS confirmed all of its global facilities are fully operational "after resolution of the criminal cyberattack." The company said their IT systems and encrypted backup servers, which were not infected during the attack, helped limit the loss of food produced during the attack to less than one days’ worth of production. Any lost production across the company’s global business will be fully recovered by the end of next week, JBS said.
A spokesperson for the United Food and Commercial Workers Local 7, which represents many employees at the meatpacking plant in Greeley, said all three shifts will work Thursday. Shifts A and B were canceled Tuesday. Shift B was scheduled for a regular production day, and Shipping & Hides operated under regular hours Wednesday.
UFCW International President Marc Perrone on Tuesday called for JBS to ensure its employees are paid should shifts continue to be canceled or plants shut down.
ABC News confirmed with a UFCW union official that all U.S. JBS beef plants were shut down Tuesday due to the attack, which included the plant in Greeley and others in Arizona, Texas, Nebraska, Wisconsin, Utah, Michigan and Pennsylvania. Production was also reportedly halted at the company’s Australian facilities.
The FBI released a statement on their investigation, attributing the attack to REvil and Sodinokibi. The statement says, in part, "We continue to focus our efforts on imposing risk and consequences and holding the responsible cyber actors accountable."
The company said there’s currently no evidence any customer, supplier or employee data has been compromised from the cyber attack.
JBS has not shared whether they paid the ransom or if they rebuilt their systems from scratch.