My bad, you are right. He said they paid. The short history of ransomware shows whenever the ransom was paid, the attackers came back again to threat and solicit more money. It's advised not to pay. But only the business owners could have the right "feeling" as they are the only ones who communicated with the attacker(s)