Asahi cyber-attack puts over 1.5 million customer records at risk
Japanese brewing giant Asahi has disclosed that a September ransomware attack may have compromised personal information belonging to more than 1.5 million people, in what is emerging as one of the most disruptive cyber incidents to hit a major consumer goods company this year.
The firm confirmed on Thursday that the breach had severely affected its operations across Japan, forcing factories to halt systems and employees to revert to manual order-taking as investigators worked to contain the damage.
In a statement outlining preliminary findings from its internal probe, Asahi said personal details of customers who had contacted its service centres are likely to have been exposed.
Those affected will be contacted directly, the company added, as it continues to assess the extent of the leak.
The brewer also said it would delay its full-year earnings announcement to focus resources on recovery and mitigation efforts.
Ransomware infiltrated systems despite swift containment
Asahi traced the disruption to one of its data centres on 29 September.
While the affected network was isolated shortly after detection, investigators later determined that ransomware had already been deployed, encrypting data and blocking access to internal systems.
The company did not identify the perpetrators or outline any ransom demands.
However, ransomware group Qilin, known for targeting large corporations, previously claimed responsibility online.
For now, only 18 pieces of employee-related data stored on company laptops are confirmed to have been exposed.
Nevertheless, Asahi said other information should be regarded as potentially compromised, including the personal records of more than 1.52 million customers — names, addresses, gender, and contact details.
Data belonging to roughly 107,000 current and former employees, 168,000 family members, and 114,000 external business contacts may also have been accessed.
No credit card or payment details were found among the leaked material.
Factories slowed, shelves emptied, and the recovery continues
The two-month recovery effort significantly disrupted Asahi’s supply chain.
The company, which commands about 40% of Japan’s beer market, experienced widespread product shortages in stores across the country.
Inventory of beer and soft drinks, such as ginger beer and soda water thinned as systems were restored and logistics rerouted.
President and CEO Atsushi Katsuki apologised publicly for the difficulties, stating that full restoration of network infrastructure remains a priority.
The outage appears confined to systems operated in Japan, with Asahi stressing that its Europe-based subsidiaries, including Peroni and Fuller’s Brewery, were unaffected.
The company said shipments have begun to resume gradually, though full normalisation may take time.
Growing wave of corporate cyber-attacks
The breach places Asahi among a growing cohort of major consumer and industrial brands hit by ransomware.
Jaguar Land Rover recently tapped emergency funding after a similar incident crippled manufacturing operations in the UK.
As regulators push firms to increase cyber resilience, Asahi says it is now strengthening internal security and taking steps to prevent recurrence.
The beer maker faces the dual challenge of restoring consumer trust and proving that its response can keep future threats at bay — a test that may shape corporate governance across Japan’s food and beverage sector.
The post Asahi cyber-attack puts over 1.5 million customer records at risk appeared first on Invezz
