By Zainab Ghadiyali

Earlier this year, on a morning in January, I walked into a founder’s nightmare.

My company, Eat Cook Joy, which builds AI-powered tools for private chefs, was two weeks away from its public launch. For two and a half years, I had been preparing and collecting the most sophisticated and comprehensive data set for the private chef industry.

But as I sat down at my computer, I was locked out of my site. Access to the platform I had painstakingly assembled and worth millions of dollars vanished.

Thanks to intelligence from the FBI, I quickly learned that the attack on my company’s site showed all the signs of a sophisticated international crime group that targets early-stage startups for ransom.

If the statistics are right, most business leaders in my shoes would have chosen to make a deal with the extortionist and move on. But when the veiled threat of a ransom request came, capitulation was out of the question.

For one, investors had entrusted me with their money. Secondly, my training as an engineer and entrepreneur simply wouldn’t let me back down. Having built large-scale infrastructure at Facebook and Airbnb, I knew how to navigate complex systems under duress. I approached recovery like any other business problem: set a goal, assemble a team, build a strategy, execute.

Clear goals with the right team

From the start, my goal was non-negotiable: recover all data, restore the platform and bring it online securely. I also knew I needed the right team — legal advisers who understood the law, anticipated the criminals’ next move, and had strong law-enforcement ties.

Just as important, they had to believe in the mission. Finding that wasn’t easy. Most advisers dismissed the loss or urged me to simply file a claim, a demoralizing response for a founder in crisis.

Amy Mushahwar of Lowenstein Sandler was different. She understood the mission and what it meant to me. I never doubted their resolve. Amy’s colleague Tricia Wagner, for example, spent her birthday consolidating key evidence for law enforcement.

Fearless strategic execution

Our strategy was designed to corner the crime ring with their own lies. It rested on three pillars: patience, detailed evidence and fearlessness.

Essentially, if the crime ring refused a demand (e.g., access or data return) or claimed that something had been deleted, like AI training data or validation, we presented them with detailed evidence that directly contradicted their claims.

The strategy worked because I knew the technical details of the site better than they did. Drawing on my legal team’s relationships, we also leveraged the expertise of law enforcement.

With multiple negotiated encounters, letters and interactions, we countered the endless string of denials that data wasn’t available and access to certain platforms was not essential. But I knew the platforms and data that were essential and fought for them.

While negotiations played out, I shifted Eat Cook Joy’s operations offline to protect customer data. At the same time, we doubled engineering resources, addressed security vulnerabilities and reinforced protections around intellectual property.  In the end, our strategy worked: Within weeks of the ransom demand, the crime ring had transferred everything back.

Lessons for founders

It was an extraordinary result. But successfully resisting a ransomware attack shouldn’t be as uncommon as it is. I believe my experience offers lessons for other startups facing the threat of ransom:

• Set a clear goal. Define success upfront — full recovery with no compromise.
• Do not pay. Paying ransom fuels more attacks and doesn’t guarantee results.  There may be circumstances where payment is necessary (such as lack of backups and the need for an encryption key), but if these needs don’t exist, fight on.
• Build the right team. The right team with the right goal can navigate even the toughest crises. Look for lawyers with relevant experience and good relationships with law enforcement. But just as important, look for their commitment to the stated goal.
• Document everything. Evidence strengthens your position with both law enforcement and adversaries.
• Safeguard trust and capital. Protecting customers and investors must remain the top priority. Move or reinforce bank accounts, if necessary, to prevent direct monetary theft.

Two weeks after regaining full control, Eat Cook Joy was back online and taking production traffic. Within six months of launch, our chef network tripled. Eat Cook Joy is now on track to generate $1 million in annualized revenue this fall, making it one of the fastest-growing startups in the food space. What could have been a devastating setback instead became a defining moment for my company.

Zainab Ghadiyali is a founder and builder who strongly believes that technology should expand access, not gatekeep it. She previously founded Eat Cook Joy, one of the fastest-growing food tech startups in the U.S., and built products at Facebook, Airbnb and Canva. Recognized as one of Foreign Policy’s Top 100 Global Thinkers for her work at the intersection of tech and inclusion, she is now building Stackbirds, a platform democratizing AI agent technology to empower the next generation of entrepreneurs.

Illustration: Dom Guzman