Japanese beer-making giant Asahi has disclosed today that a ransomware attack caused the IT disruptions that forced it to shut down factories this week.
The Tokyo-based beverage holding company is the largest beer brewer in Japan, employing 30,000 people and producing 100 million hectoliters of beverages.
The company also owns the Peroni, Pilsner Urquell, Grolsch, and Fullers brands, and it reported an annual revenue of nearly $20 billion in 2024.
Asahi revealed in a statement today that a cyberattack disclosed on Monday led to the deployment of ransomware on its network and that a subsequent investigation has also found evidence of data theft from compromised devices.
“Asahi Group Holdings, Ltd. is currently experiencing a system failure caused by a cyberattack, affecting operations in Japan,” the company said on Monday.
While Asahi has now confirmed that a ransomware attack has hit its systems, no ransomware operations have claimed responsibility for the attack, implying that the company has either not responded to the attackers’ demands, is still negotiating, or has already paid a ransom.
“Upon detecting the incident, we established an Emergency Response Headquarters to investigate the incident, through which we confirmed that our servers were targeted by a ransomware attack,” the company said today.
“Subsequent investigations have confirmed traces suggesting a potential unauthorized transfer of data. We are conducting investigation to determine the nature and scope of the information that may have been subject to unauthorized transfer.”
BleepingComputer has yet to receive a reply after reaching out to Asahi following the initial disclosure to ask if any cybercrime groups had demanded a ransom and if systems on the company’s network had been encrypted.
According to Asahi, while the ransomware attack has only impacted factories in Japan, it has forced the company to switch to manual order processing and shipment because its “system-based order and shipment processes remain suspended.”
“While we are unable to provide a clear timeline for recovery at this time, our Emergency Response Headquarters is working in collaboration with external cybersecurity experts to restore the system as quickly as possible. The scope of the system disruption is currently limited to Japan,” it noted.
Join the Breach and Attack Simulation Summit and experience the future of security validation. Hear from top experts and see how AI-powered BAS is transforming breach and attack simulation.
Don’t miss the event that will shape the future of your security strategy
