Cyberattack cripples operations at Japanese brewing giant Asahi

Shipping, orders and customer service suspended

Image:

Cyberattack cripples operations at Japanese brewing giant Asahi. Source: Cegoh, Pixabay, Pixabay Content License

Japanese brewing giant Asahi Group Holdings has been hit by a cyberattack that triggered a major systems failure, disrupting key business operations across Japan.

The incident, confirmed by the company on Tuesday, has forced the suspension of order and shipment activities, along with customer service operations within the country.

The brewer – one of Japan's largest, holding nearly one-third of the domestic market – assured customers that there has been no confirmed leakage of personal data. However, the company also noted that investigations are ongoing and did not rule out the possibility of further developments.

"We are actively investigating the cause and working to restore operations; however there is currently no estimated timeline for recovery," Asahi said in a public statement, adding, "The system failure is limited to our operations within Japan."

The company said its European operations remain unaffected, including its UK beer supply and other international manufacturing activities.

Asahi has issued an apology to customers and business partners and promised updates as the situation evolves.

Asahi's international footprint includes several prominent beer brands and acquisitions, such as Peroni, Pilsner Urquell, Grolsch and the UK-based Fullers, which produces London Pride, Cornish Orchards and Dark Star.

The company employs approximately 30,000 people globally. In 2024, the group posted revenue nearing $20 billion, with about half of its sales occurring in Japan.

The impact of the cyberattack could be significant, given Asahi's dominant presence in the Japanese market and its central role in both retail and wholesale beverage distribution. Disruptions in the ordering and shipment chain may also create ripple effects for resellers, restaurants, bars and logistics providers.

No group claims responsibility yet

As of now, no ransomware group has claimed responsibility for the attack and the precise origin or method used remains undisclosed.

The absence of a public claim does not necessarily indicate a less severe breach, according to Kevin Marriott, senior manager of Cyber at cybersecurity firm Immersive.

"In their statement, Asahi said 'there has been no confirmed leakage'. As is often the case in these situations, stances on what has and hasn't been compromised can change, so this may not be a definitive position and data might have been stolen," Marriott said.

"While the disruption is currently confined to one country, Asahi has a significant market share in Japan of almost 40%. Therefore, disruption to production will be costly to Asahi and potentially resellers."

Marriott further warned that the complex, interconnected nature of manufacturing networks leaves them increasingly vulnerable to such attacks.

"Cybercriminals are increasingly targeting the operations of global brands, with Asahi the latest victim. A breach in one area can quickly ripple through supply chains and disrupt operations."

Asahi breach comes amid a notable uptick in cyber incidents in Japan, particularly distributed denial-of-service (DDoS) attacks, which rose 60% year-on-year in December 2024, according to cybersecurity firm Akamai Technologies.

In its 2024 annual report, Asahi itself identified cyberattacks as a key risk, warning of potential business interruption, cashflow issues and reputational damage.

Meanwhile, Europe has also faced its own cyber challenges in recent weeks. A cyberattack on Collins Aerospace, a critical provider of airport check-in and boarding systems, caused severe disruption at major European airports last week and production at JLR is still halted following a ransomware incident.

Earlier this year, UK retailer Marks & Spencer faced losses amounting to hundreds of millions of pounds after a separate attack.