## Asahi cyber-attack overview Japanese beer giant Asahi reported that a major cyber-attack in late September crippled parts of its operations in Japan and led to a significant data breach. The incident disrupted order processing, shipping, and customer service functions, and also caused shortages of some drinks in the domestic market. ## Nature of the ransomware incident The attackers infiltrated Asahi’s network through equipment located at a group site, then encrypted data on multiple servers and some connected company PCs using ransomware. Although the company contained the intrusion, the investigation concluded that data had been accessed and copied before the encryption was deployed. ## Scale of affected individuals Asahi stated that personal data of roughly 1.5 million customers, and in total around 1.9 million individuals, was or may have been exposed in the breach. The firm emphasised that the impact is confined to systems managed in Japan, with no indication that overseas systems were affected. ## Types of data potentially leaked The potentially exposed information for customers includes names, gender, postal addresses, phone numbers, email addresses, and in some cases dates of birth. Asahi clarified that credit card details were not part of the compromised data set identified to date. ## Impact on employees and contacts In addition to customers, data involving approximately 107,000 current and former employees and around 168,000 family members may also have been leaked. The names and contact details of about 114,000 external contacts who interacted with the company, including those receiving formal messages from Asahi, were also associated with the breach. ## Operational and financial consequences The ransomware attack forced Asahi to halt order processing, shipments, and call-centre operations for its Japanese business for a period after 29 September. The company also postponed the publication of certain financial results so it could focus on investigation, recovery, and strengthening security controls. ## Responsibility and investigation status A ransomware group known as Qilin publicly claimed responsibility for the attack and said it had exfiltrated internal files from Asahi’s network. Asahi has not disclosed ransom details, and at the time of its announcements it stated that it had no confirmed evidence of large-scale public release of the stolen personal data, though it treats nearly all of it as at risk. *** > Asahi has confirmed that credit card data was not among the information identified as potentially leaked in the September ransomware incident. *** ### Author’s summary The Asahi case highlights how a single ransomware intrusion can disrupt core operations, expose data of nearly two million people, and force a major consumer brand to overhaul its security posture.

more

BBC — 2025-11-27

---

More News

• Five lessons from Côte d’Ivoire that Nigeria can no longer ignore
• Latest International and Political Updates from BBC News
• Bijoux Divoire présente un ensemble en or plaqué zircon en édition limitée
• New AI chip may challenge Nvidia’s long-held dominance in critical computing technology
• Term limits will not make Congress work better
• Photo by Bijoux Divoire: Elegant Jewelry Showcase from November 2025
• Championship: Sheffield United Lead Leicester 3-1; Hull Level at Stoke; Bristol City Ahead of Portsmouth
• Will the AI Boom Go Bust? | BBC News – Exploring the Future of Artificial Intelligence
• Ex-F1 Driver Adrian Sutil Arrested in International Raid