Asahi, Japan’s leading beer manufacturer, has alerted customers to the possibility of personal data being compromised due to a recent ransomware attack. The incident, which occurred late last month, severely impacted the company’s operations, leading to the shutdown of production at most of its 30 Japanese breweries.
The cyberattack crippled crucial systems, affecting everything from order processing and delivery logistics to the company’s accounting functions. While Asahi has now partially reopened its facilities and resumed production, its computer systems remain offline. This has necessitated a return to manual methods, with orders currently being managed using traditional pen, paper, and fax machines.
In a public statement, Asahi confirmed its ongoing investigation into the extent of the breach, specifically examining whether personal information was accessed or exfiltrated by the attackers. The company has pledged to promptly inform any affected individuals and implement appropriate protective measures, adhering to all relevant personal data protection laws, should the investigation confirm a data compromise.
Details regarding the specific types of personal information potentially stolen have not yet been disclosed, as Asahi continues its investigation and has refrained from offering further comment on the matter.
The cyberattack has also led to a delay in the release of Asahi Group’s third-quarter financial results. The company indicated that the exact timing of the financial disclosure would depend on the progress made in restoring its IT systems, which is expected to be more than 45 days after the conclusion of the October to December quarter.
The ransomware group Qilin, believed to be based in Russia, has claimed responsibility for the attack. This group has been linked to previous breaches targeting major organizations, including the UK’s National Health Service (NHS).
This incident is the latest in a series of cyberattacks affecting prominent businesses. Earlier this year, companies such as Jaguar Land Rover, Marks and Spencer, and Co-op experienced similar disruptions.
The UK’s National Cyber Security Centre has reported a significant increase in major cyber-attacks, averaging four per week. They are strongly advising businesses to adopt concrete measures to bolster their defenses against such threats.