Asahi Data Breach Exposes 1.5 Million Customers
▼ Summary
– Asahi’s September cyberattack impacted up to 1.9 million individuals, including customers, employees, and external contacts.
– Compromised data includes names, addresses, phone numbers, and email addresses, which could be used for phishing attempts.
– The incident was a ransomware attack claimed by Qilin, who published stolen data samples to prove their intrusion.
– No payment card information was exposed, and Asahi has established a contact line for affected individuals.
– Asahi is still restoring systems two months later and implementing enhanced security measures to prevent recurrence.
Asahi Group Holdings, Japan’s premier beer manufacturer, has concluded its investigation into a major September cyberattack, revealing that approximately 1.9 million individuals were affected by the security breach. The compromised information includes full names, genders, home addresses, telephone numbers, and email addresses, which could potentially be exploited in targeted phishing campaigns.
The company first acknowledged the incident on September 29, when it was compelled to halt production and distribution activities due to the cyber intrusion. Initially, Asahi reported no signs that customer information had been accessed by unauthorized parties. However, within days, the situation escalated as the company confirmed it had fallen victim to a ransomware attack and that data had indeed been stolen.
Following this disclosure, the Qilin ransomware group took responsibility for the breach, asserting they had obtained 27 gigabytes of data from Asahi. To substantiate their claim, the hackers publicly released samples of the stolen files on their dedicated leak website.
According to an official company announcement, the impacted individuals break down into several distinct groups. Approximately 1.525 million customers who had interacted with Asahi’s various customer service centers, covering breweries, drinks, and food divisions, are affected. The breach also extends to 114,000 external contacts who had received congratulatory or condolence messages from the company, along with 107,000 current and former employees and an additional 168,000 of their family members.
The specific types of personal data exposed differ among these groups. Customer records may contain names, gender, physical and email addresses, and phone numbers. For employees and their families, the compromised information could also include dates of birth. The company has emphasized that no financial data or payment card details were exposed during this incident. A special helpline has been set up to assist those concerned about their personal information.
Two months after the initial system compromise, Asahi’s CEO, Atsushi Katsuki, reported that the company is still working to fully restore all affected systems. “We are dedicating all necessary resources to achieve complete system recovery at the earliest opportunity,” Katsuki stated. “Simultaneously, we are enacting stronger safeguards to prevent future incidents and bolstering information security protocols throughout the entire Group.” He added that product shipments are gradually resuming in tandem with the progress of system repairs.
The comprehensive preventative strategy being implemented involves several key actions. These include redesigning communication pathways, tightening network access controls, limiting external internet connectivity, upgrading threat detection systems, conducting thorough security audits, and overhauling backup and business continuity plans to ensure greater resilience against future cyber threats.
(Source: Bleeping Computer)
