Company expects majority of its meat-packing plants to be operational Wednesday
By THE WALL STREET JOURNAL // JUNE 2, 2021
Meatpacker JBS SA JBSAY -1.15% was hit by a ransomware attack that took a big chunk of U.S. beef-and-pork processing offline, sending buyers scrambling for alternatives and raising pressure on meat supplies.
The attack ratcheted up pressure on a food-supply chain already under strain from labor shortages, production constraints and high transportation costs. Late Tuesday, a company executive said JBS was making progress toward restoring its systems, and that the majority of its meat plants would be operational Wednesday.
Brazil-based JBS, the world’s biggest meat company by sales, told the Biden administration that it was the victim of a ransomware attack, White House principal deputy press secretary Karine Jean-Pierre said on Tuesday. She said JBS reported that the attack originated from a criminal group likely based in Russia.
“The White House is engaging directly with the Russian government on this matter and delivering the message that responsible states do not harbor ransomware criminals,” Ms. Jean-Pierre said.
JBS didn’t comment on the White House’s description of the attack.
Kremlin spokesman Dmitry Peskov on Wednesday declined to comment on the attack, saying he had no information about it but that there were ongoing contacts between Russia and the U.S. through diplomatic channels.
The attack is the latest is the latest in a growing number to hit a range of businesses and institutions, including hospitals, the oil industry and local water supplies.
At JBS, the attack halted operations at meat plants that are among the largest in the U.S., according to worker representatives and notices shared with JBS employees. JBS facilities in Colorado, Iowa, Minnesota, Pennsylvania, Nebraska and Texas were among those affected.
JBS operations in Australia and Canada were affected as well as operations in the U.S., according to the company and individual plants’ social-media posts.
Meat-market analysts said plant closures resulting from the JBS hack could soon lead to higher consumer prices, which have climbed for many cuts this year because of high demand and a tight labor market. “Even one day of disruption will significantly impact the beef market and wholesale beef prices,” wrote analysts for Steiner Consulting Group, which researches the meat industry.
Suzanne Rajczi, chief executive of New York-based restaurant supplier Ginsberg’s Foods, said she was looking for a new source for chicken she usually buys from a West Virginia plant operated by Pilgrim’s Pride Corp. PPC -0.83% , which is majority-owned by JBS.
Pilgrim’s canceled a fresh chicken delivery to Ginsberg’s on Tuesday as a result of the attack, Ms. Rajczi said. She said Pilgrim’s told her it was trying to add back production lines in coming days but couldn’t say if or when her deliveries would resume.
“There’s a lot of frenzied buying going on right now,” said Ms. Rajczi. “The whole fresh-commodity supply chain has been stretched to the max.”
JBS shipped products from nearly all of its U.S. facilities on Tuesday, the company said. The U.S. Department of Agriculture in a statement urged competing meatpackers to boost processing where possible while JBS’s plants were down and to secure their own technology systems.
For JBS, which processes nearly one-quarter of U.S. beef and about one-fifth of the nation’s pork, the attack illustrates a new threat for an industry that was among the hardest hit by Covid-19. As the pandemic arrived in the U.S., tens of thousands of plant workers were infected, according to labor-union estimates, forcing shutdowns last spring that backed up livestock on farms. Meatpackers spent hundreds of millions of dollars to temporarily boost wages, install temperature scanners and place partitions between work stations.
The attack demonstrates the growing and potentially costly risk to corporate operations posed by such incursions. Such attacks can also affect daily life in the U.S. A cyberattack on fuel supplier Colonial Pipeline Co. last month shut down the fuel supplier’s main fuel conduit for the U.S. East Coast, prompting a run on regional gas stations and helping to push gasoline prices to their highest levels in 6½ years. Since the Colonial attack, lawmakers have warned that criminal ransomware gangs are increasingly targeting U.S. infrastructure and businesses, snarling day-to-day operations.
JBS said the cyberattack didn’t affect its backup servers and the company was working with technology specialists to restore its systems. JBS said late Tuesday that there was no sign that customer, supplier or employee data was compromised. The company warned earlier that the attack could delay business with meat buyers, cattle feedlots and other suppliers. Its Mexico and U.K. operations were unaffected by the attack, the company said.
“Our systems are coming back online and we are not sparing any resources to fight this threat,” Mr. Nogueira said.
At a JBS beef plant in Souderton, Pa., which the company estimates is the largest beef plant east of Chicago, workers were told no slaughtering or processing would take place Tuesday, according to Wendell Young, president of the local United Food and Commercial Workers International Union, which represents JBS plant employees.
In Greeley, Colo., where JBS runs another major beef-packing plant, shifts were canceled because of the cyberattack, a spokeswoman for the local UFCW chapter said. The JBS beef plant in Cactus, Texas, also canceled Tuesday operations, with the exception of maintenance and some other functions, according to a notice posted to the plant’sFacebook page.
The JBS pork plant in Ottumwa, Iowa, told employees that Tuesday slaughtering and bacon-slicing shifts were suspended, according to a separate Facebook notice. In Worthington, Minn., where JBS runs another pork plant, cutting, trimming and deboning shifts were suspended Tuesday, according to a notice posted to that plant’s Facebook page.
Live cattle-futures trading on the Chicago Mercantile Exchange fell on Tuesday, with the most-active cattle contract closing down Tuesday by 1.9% to nearly $1.17 a pound. The primary factor driving the contract down was the hack, livestock traders said, raising the risk that some plants would be unable to purchase livestock.
“Cattle were backed up going into this week with packers simply not killing enough to allow feedlots to get current,” said Dennis Smith, a commodities broker with Archer Financial Services Inc. “So, the industry had a problem going into the crisis.”
JBS said the attack targeted some of its information technology and that the company has since suspended the use of affected servers.
While attacks on IT systems can wreak havoc, cybersecurity experts have said hackers can cause even greater damage if they reach operational technology used to keep factories or other industrial facilities running.
—Tarini Parti, Jesse Newman and David Uberti contributed to this article.