Personal data potentially stolen in Asahi cyber-attack

Asahi Group Holdings, Japan’s largest brewer, was hit by a major ransomware attack, which forced the immediate shutdown of its domestic order placement, shipment, and customer service systems. The attack, attributed to the Russia-linked Qilin ransomware group, encrypted key IT infrastructure and disrupted nearly all digital business operations for Asahi’s beer and beverage products across Japan. As a consequence, the company and its partners, including major retailers like 7-Eleven and Lawson, faced shortages, with stores warning of empty shelves and delayed deliveries.​
To maintain supply, Asahi resorted to manual order processing methods telephone, fax, and handwritten orders, a major logistical backstep in the digital age. Production at some breweries was gradually restored using these manual processes, but the company postponed launches of 12 new products due to the continuing outage.​
The Qilin group claimed to have stolen 27 GB of files over 9,300 documents including financial records and employee data. While Asahi has confirmed traces of unauthorized data transfer, it has not yet identified specific customer or personal data exposed, citing an ongoing investigation. The incident, which paralyzed Asahi’s core logistics at the start of Japan’s busy autumn beer season, spotlights the broader trend of ransomware groups targeting manufacturing and supply-chain critical companies for maximum disruption and ransom leverage. Asahi engaged law enforcement and cybersecurity experts immediately, but, as of mid-October, IT systems were only partially restored, and manual processes remained.