Asahi admits ransomware gang may have spilled almost 2M people's data
(2025/11/27)
- Reference: 1764249313
- News link: https://www.theregister.co.uk/2025/11/27/asahi_ransomware_numbers/
- Source link:
Asahi has finally done the sums on September's ransomware attack in Japan, conceding the crooks may have helped themselves to personal data tied to almost 2 million people.
Back on September 29, Asahi disclosed a "system failure caused by a cyberattack" that knocked out ordering, shipping, and call center systems across its Japanese operations. Days later, the attack was claimed by the Qilin ransomware crew, which reckons it stole some 27 GB of internal files – including employee records, contracts, financial documents, and other sensitive assets.
Fast forward to November 27, [1]Asahi has finally posted a full breakdown of who and what might be affected. The tally includes 1.525 million people who contacted its customer service centers, 114,000 external contacts who received condolence or congratulatory telegrams, 107,000 current or former employees, and 168,000 of their family members. The exposed data includes names, addresses, phone numbers, email addresses, and in some cases date of birth and gender – but credit card information is not on the list.
[2]
Asahi notes that the exposed data was limited to systems managed in Japan, and none has yet been published. The company also pledges to notify individuals whose data is confirmed to have been compromised – but with nearly two million people in scope, that's a mammoth mailing list.
[3]
In its latest update, Asahi said attackers entered via compromised network equipment at a Group datacenter facility in Japan and deployed ransomware on the same day, encrypting data on multiple live servers and some connected PCs. This forced a broad operational suspension – order processing systems were shut down, shipments paused, and customer service lines silenced. The company isolated the datacenter within hours, but ransomware gangs don't need much time when the door is already open.
[4]Muji's minimalist calm shattered as ransomware takes down logistics partner
[5]Asahi breach leaves bitter taste as brewer fears personal data slurped
[6]No suds for you! Asahi brewery attack leaves Japanese drinkers dry
[7]Asahi runs dry as online attackers take down Japanese brewer
The disruption even interfered with Asahi's annual earnings cadence. The company has delayed the release of its full-year earnings report for the fiscal period ending December 31 by more than 50 days past the financial year close. That's a significant delay in anyone's calendar, especially a brewer with investors, distributors, and retailers waiting for guidance.
The company has made clear that it is restoring systems cautiously and in phases. Product shipments are resuming in stages as isolated systems are validated as secure. The earnings delay suggests full operational normalization will take longer than planned, with [8]Reuters reporting that logistics may not be fully restored until February.
While Asahi may be brewing again at factories, the investigation confirms a sharper flavor of exposure – personal records first, PR headache second, and earnings punted firmly into 2026. If breach disclosures were beer, this one would need a dedicated production line. ®
Get our [9]Tech Resources
[1] https://www.asahigroup-holdings.com/en/newsroom/detail/20251127-0204.html
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aSiDpvXfVVPzBb30tLxUpgAAAJI&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aSiDpvXfVVPzBb30tLxUpgAAAJI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://www.theregister.com/2025/10/21/muji_askul_ransomware/
[5] https://www.theregister.com/2025/10/14/asahi_breach_update/
[6] https://www.theregister.com/2025/10/03/asahi_beer_attack/
[7] https://www.theregister.com/2025/09/29/asahi_hacking_outage/
[8] https://www.reuters.com/world/asia-pacific/personal-details-15-million-asahi-group-customers-may-have-been-leaked-2025-11-27/
[9] https://whitepapers.theregister.com/
Back on September 29, Asahi disclosed a "system failure caused by a cyberattack" that knocked out ordering, shipping, and call center systems across its Japanese operations. Days later, the attack was claimed by the Qilin ransomware crew, which reckons it stole some 27 GB of internal files – including employee records, contracts, financial documents, and other sensitive assets.
Fast forward to November 27, [1]Asahi has finally posted a full breakdown of who and what might be affected. The tally includes 1.525 million people who contacted its customer service centers, 114,000 external contacts who received condolence or congratulatory telegrams, 107,000 current or former employees, and 168,000 of their family members. The exposed data includes names, addresses, phone numbers, email addresses, and in some cases date of birth and gender – but credit card information is not on the list.
[2]
Asahi notes that the exposed data was limited to systems managed in Japan, and none has yet been published. The company also pledges to notify individuals whose data is confirmed to have been compromised – but with nearly two million people in scope, that's a mammoth mailing list.
[3]
In its latest update, Asahi said attackers entered via compromised network equipment at a Group datacenter facility in Japan and deployed ransomware on the same day, encrypting data on multiple live servers and some connected PCs. This forced a broad operational suspension – order processing systems were shut down, shipments paused, and customer service lines silenced. The company isolated the datacenter within hours, but ransomware gangs don't need much time when the door is already open.
[4]Muji's minimalist calm shattered as ransomware takes down logistics partner
[5]Asahi breach leaves bitter taste as brewer fears personal data slurped
[6]No suds for you! Asahi brewery attack leaves Japanese drinkers dry
[7]Asahi runs dry as online attackers take down Japanese brewer
The disruption even interfered with Asahi's annual earnings cadence. The company has delayed the release of its full-year earnings report for the fiscal period ending December 31 by more than 50 days past the financial year close. That's a significant delay in anyone's calendar, especially a brewer with investors, distributors, and retailers waiting for guidance.
The company has made clear that it is restoring systems cautiously and in phases. Product shipments are resuming in stages as isolated systems are validated as secure. The earnings delay suggests full operational normalization will take longer than planned, with [8]Reuters reporting that logistics may not be fully restored until February.
While Asahi may be brewing again at factories, the investigation confirms a sharper flavor of exposure – personal records first, PR headache second, and earnings punted firmly into 2026. If breach disclosures were beer, this one would need a dedicated production line. ®
Get our [9]Tech Resources
[1] https://www.asahigroup-holdings.com/en/newsroom/detail/20251127-0204.html
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2aSiDpvXfVVPzBb30tLxUpgAAAJI&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/cybercrime&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44aSiDpvXfVVPzBb30tLxUpgAAAJI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[4] https://www.theregister.com/2025/10/21/muji_askul_ransomware/
[5] https://www.theregister.com/2025/10/14/asahi_breach_update/
[6] https://www.theregister.com/2025/10/03/asahi_beer_attack/
[7] https://www.theregister.com/2025/09/29/asahi_hacking_outage/
[8] https://www.reuters.com/world/asia-pacific/personal-details-15-million-asahi-group-customers-may-have-been-leaked-2025-11-27/
[9] https://whitepapers.theregister.com/
Setsunai
Harakiri Friday for management I guess....