Asahi Hit by Ransomware Attack, Data Breach Confirmed
▼ Summary
– Asahi confirmed a ransomware attack caused IT disruptions that forced factory shutdowns in Japan this week.
– The company discovered evidence of potential data theft from compromised devices during their investigation.
– No ransomware groups have claimed responsibility, suggesting possible ongoing negotiations or an unpaid ransom.
– Asahi switched to manual order processing and shipment due to suspended system-based operations.
– The company is working with external cybersecurity experts to restore systems but cannot provide a recovery timeline.
Japan’s leading beverage corporation, Asahi Group Holdings, has publicly confirmed that a ransomware attack is responsible for significant IT system failures, leading to the shutdown of multiple production facilities. This incident has severely disrupted the company’s automated order and shipping operations, forcing a temporary shift to manual processing methods. Asahi, a Tokyo-based industry titan with approximately 30,000 employees and an annual production volume reaching 100 million hectoliters, is actively managing the fallout.
The company’s portfolio includes globally recognized brands such as Peroni, Pilsner Urquell, Grolsch, and Fullers. In its most recent fiscal year, the group reported revenues approaching $20 billion. An official statement released by Asahi detailed that the cyber intrusion, first detected earlier this week, involved ransomware being deployed across its network. Furthermore, the ongoing investigation has uncovered evidence pointing to a data breach, with indications that information was illicitly extracted from compromised systems.
Immediately after identifying the security breach, the company established an Emergency Response Headquarters to coordinate its reaction. This team has verified that servers were specifically targeted in the ransomware assault. The investigation is continuing to ascertain the full extent and specific nature of the data that may have been accessed and stolen. As of now, no ransomware syndicate has publicly claimed responsibility for the attack. This silence often suggests that negotiations may be underway, a ransom demand has been paid, or the company has chosen not to engage with the threat actors.
Although the direct impact of the system disruption appears confined to Asahi’s Japanese operations, the consequences are widespread. The suspension of its core digital infrastructure has halted all system-based order and shipment processes. Company representatives have stated that a definitive timeline for a full system restoration is not yet available. The Emergency Response Headquarters is collaborating with external cybersecurity specialists to work towards a resolution as swiftly as possible. The primary focus remains on recovering operational stability and thoroughly understanding the scope of the data security incident.
(Source: Bleeping Computer)
