Ask Onix
Asahi Cyberattack Exposes Data of Over 1.5 Million Customers
Japanese beverage giant Asahi Group Holdings disclosed on Thursday that a ransomware attack in late September may have compromised the personal data of more than 1.5 million customers, along with information on employees, their families, and external contacts.
Attack Disrupts Operations, Delays Financial Reporting
The company revealed in a statement that the cyberattack, first detected on 29 September, forced factories in Japan to halt digital operations, pushing staff to process orders manually. Asahi has since delayed its full-year financial results to prioritize recovery efforts.
While the firm isolated the affected data center, investigators confirmed the attacker had already encrypted systems and deployed ransomware. Though no ransom demands were publicly disclosed, the group Qilin-known for previous high-profile breaches-claimed responsibility for the attack.
Scope of the Data Breach
Asahi confirmed that 18 items of employee data stored on company laptops were definitively exposed. However, the broader risk includes:
- 1.52 million customers: names, genders, addresses, and contact details;
- 107,000 current/former employees and 168,000 family members;
- 114,000 external contacts who communicated with the company.
The company stressed that no credit card information was compromised and that there is no evidence the leaked data has been publicly released. The impact remains confined to Japan-based systems, sparing its European brands like Peroni and Fuller's Brewery.
Operational Fallout and Recovery
The attack triggered shortages of Asahi's beer and soft drinks-including ginger beer and soda water-across Japan, where the company commands roughly 40% of the beer market. Shipments are now resuming gradually, according to President and CEO Atsushi Katsuki, who issued a public apology for the disruption.
"We are working tirelessly to restore full system functionality while reinforcing security measures to prevent future incidents," Katsuki stated.
The company spent nearly two months containing the breach and is now focused on system restoration and network reconfiguration.
Broader Context: Rising Cyber Threats
Asahi's incident follows a wave of cyberattacks targeting global corporations. Earlier this year, Jaguar Land Rover accessed emergency funds after a similar attack crippled its UK factories, underscoring the growing vulnerability of industrial sectors to ransomware.
