Asahi Cyberattack: Qilin Ransomware Exposes 1.5M People, Cripples Production
The Japanese brewing giant Asahi has revealed that a September cyberattack resulted in one of the most significant data incidents in its history: the personal information of more than 1.5 million people was put at risk, while the ensuing disruption affected both production processes and the company’s financial planning.
In a published report, Asahi describes a ransomware assault that crippled operations at its factories across Japan and forced staff to process orders manually, on paper. The first signs of trouble appeared on September 29 at one of the company’s data centers.
Although the affected system was quickly isolated, the investigation showed that the intruders had infiltrated the network in advance, encrypted data, and deployed ransomware designed to block access to files until a payment was made. The company has not officially disclosed either the ransom demand or the identity of the perpetrators, though the Qilin group has already claimed responsibility.
According to the internal review, the data most at risk belongs to customers who contacted Asahi’s call centers and support services. The potentially compromised dataset includes more than 1.52 million entries containing names, genders, addresses, and contact details. The company also highlights possible risks to the data of roughly 107,000 current and former employees, 168,000 of their family members, and 114,000 external partners and other contacts.
To date, only 18 elements of employee personal data have been confirmed as compromised, discovered on corporate laptops. All other records are being treated as potentially exposed. Notably, payment card information is not among the affected datasets. Asahi states that it has found no evidence of public leaks and that the incident appears confined to systems operated within Japan.
The company says it spent nearly two months containing the aftermath and is now gradually restoring its IT infrastructure and rebuilding its network with enhanced safeguards. To focus on recovery efforts, Asahi is postponing the release of its annual financial results. The group stresses that its European operations, including the Peroni and Fuller’s Brewery brands, were not impacted.
Disruption of Asahi’s information systems led to noticeable delays in domestic shipments of beer and soft drinks. Japanese retailers reported shortages on shelves, a striking development given the company’s roughly 40 percent share of the national beer market.
Reduced deliveries affected not only popular beer varieties but also non-alcoholic beverages such as ginger beer and soda. Shipments are now gradually resuming; Asahi’s president and CEO, Atsushi Katsuki, has issued public apologies for the shortages and emphasized that the group is working toward full system restoration and stronger data protection.
The Asahi incident joins a string of severe ransomware strikes on major corporations. Earlier, automotive manufacturer Jaguar Land Rover suffered a large-scale cyberattack that forced factory stoppages in the United Kingdom and required emergency financing to keep production and supply chains afloat.
Together, these events underscore how attacks on the digital infrastructure of global brands increasingly translate into tangible disruptions to physical goods and risks for entire industries. For businesses, it is a stark reminder that cybersecurity has become an essential pillar of corporate resilience.
Support Our Threat Intelligence
If you find our technology report and cybersecurity news helpful, consider supporting our work.
Buy Me a Coffee
PayPal
