Japanese brewer Asahi says as many as 1.5 million people may have had their personal information exposed following a cyberattack.
The incident began on September 29, when Asahi’s systems were hit by ransomware that encrypted multiple servers and some employee PCs. Investigators found the attacker had slipped into the data center network through on-site equipment before deploying the malware.
As part of its investigation, the company says it has confirmed that the data linked to people who reached out to its customer support teams was among the material accessed, and that it is preparing to notify those affected.
Asahi hit by cyberattack
While Asahi has stressed that the impact is confined to systems operated in Japan, the breach potentially affects 1,525,000 customers who contacted Asahi Breweries, Asahi Soft Drinks, or Asahi Group Foods, along with 107,000 employees and retirees, 168,000 family members of employees, and 114,000 external contacts.
The company noted that credit card details were not involved and that no exposed data has been found circulating online.
President and Group CEO Atsushi Katsuki issued an apology, saying: “I would like to sincerely apologize for any difficulties caused to our stakeholders by the recent system disruption… We are making every effort to achieve full system restoration as quickly as possible, while implementing measures to prevent recurrence and strengthening information security across the Group.”
Following the attack, Asahi has outlined a slate of long-term protective steps, including redesigned network routes, tighter external access rules, upgraded threat detection, revised backup strategies, and expanded employee training.
