Asahi Brewery: Data from almost 2 million people leaked
At the beginning of October, an IT attack on the Japanese Asahi brewery became known. Data from around 2 million people has been leaked.
(Image: icosha/Shutterstock.com)
Large amounts of data were also leaked during the cyberattack on the Japanese Asahi brewery. This is shown by the investigation results now published. Containing the ransomware attack and restoring the systems took about two months.
This is what Asahi Brewery announced on its website explained. According to the announcement, disruptions occurred in the company's systems on September 29, 2025. During the subsequent investigation, encrypted files were found. On the same day, Asahi disconnected the network and initiated countermeasures to isolate the data center and limit the impact. It turned out that attackers had gained unauthorized access to the data center network through network equipment within the Asahi network. At the same time, the malicious actors distributed ransomware that encrypted data on several servers and some connected PCs.
Data leak noticed
During the investigations, IT staff discovered that some employee PCs were also affected. "Personal information stored on the servers in the data center may have been exposed. We could not determine that any of this data was published on the internet," Asahi explained in the analysis. Furthermore, only systems managed in Japan were affected. As of November 27, 2025, attackers had potentially accessed numerous personal data.
Approximately names, gender, addresses, phone numbers, and email addresses of 1,525,000 people who contacted Asahi's customer service centers, as well as name, address, and phone numbers of 114,000 people to whom Asahi sent congratulations or condolences. In addition, name, date of birth, gender, address, phone number, email address, and other information of 107,000 employees and former staff, as well as name, date of birth, and gender of 168,000 family members of employees and former employees.
Videos by heise
Lengthy recovery
As a result of the cyberattack, Asahi took about two months to contain the ransomware attack, restore the systems, and reinforce security to prevent recurrence. Following the forensic analysis by external IT experts, the company plans to proceed with system restoration in phases – after integrity checks and additional security measures have ensured that the devices are secure. The investigation also included the causes and pathways of unauthorized access or virus infection of computers and networks. Asahi also plans to continue monitoring the situation and implementing improvements.
At the beginning of October, the cyberattack on Asahi became known. This subsequently led to supply problems and the threat of stockouts due to production restrictions.
(dmk)
