Tokyo, November 28, 2025
Japanese beverage producer Asahi disclosed a ransomware attack on September 29, 2025, that compromised the personal data of approximately 1.52 million customers, along with employees and contacts, disrupting operations and supply chains nationwide. The Qilin ransomware group claimed responsibility for the breach targeting Asahi’s data center in Japan.
Operational Disruptions and Immediate Response
The cyber assault encrypted critical systems, forcing Asahi to halt order processing, shipping, and call-center functions for its domestic business. Factory activities at six facilities across Japan were similarly impacted but resumed within a week. During this period, employees resorted to manual order-taking with pen and paper amid widespread disruption. The attack also led to significant shortages of Asahi’s products, including the flagship “Super Dry” beer, affecting retailers, restaurants, and bars across the country.
Scope and Nature of the Data Breach
Asahi’s preliminary investigation revealed that personal information of about 1.52 million customers was exposed. Beyond customers, data on approximately 107,000 current and former employees, 168,000 family members, and 114,000 external contacts who interacted with the company were also compromised. In total, the breach potentially affected nearly 1.914 million individuals. The leaked data included names, genders, dates of birth, postal addresses, email addresses, and phone numbers. Notably, credit card information was not part of the compromised data.
Attacker Identification and Claims
The Qilin ransomware group publicly claimed responsibility on October 7 by listing Asahi on its data leak site and asserting theft of roughly 27 gigabytes of data. Asahi has neither confirmed the group’s identity nor disclosed specific ransom demands but acknowledged collaborating with external cybersecurity experts to assess the breach’s full extent.
Business and Financial Impacts
The cyberattack forced Asahi to delay its full-year financial results and postpone the launch of a new product initially scheduled for October. Supply chain disruptions contributed to scarcity across domestic beverage markets. Despite these challenges, the company emphasized that production output resumed quickly, limiting longer-term operational damage.
Company’s Ongoing Investigation and Precautions
Asahi stated there is no confirmed evidence that the stolen data has been publicly disclosed. The breach appears confined to systems managed within Japan, according to the company’s findings. Asahi committed to notifying affected individuals should further investigation verify unauthorized data transfers. This incident has prompted a thorough review of security protocols and underscored the critical need for enhanced cyber defenses.
Ransomware attacks targeting major corporations continue to illustrate significant risks to business continuity, data privacy, and supply chain stability. The Asahi breach serves as a potent reminder of the evolving threat landscape confronting global enterprises and the importance of decisive response strategies to mitigate cascading operational and reputational impacts.