Japanese beverage and food giant Asahi Group Holdings has confirmed that a ransomware attack has disrupted its operations and may have led to a leak of personal and financial data. The Asahi Group cyberattack has forced the company to delay the release of its financial results for the January–September period, which was originally scheduled for November 12, 2025.
The cyberattack on Asahi Group, which occurred on September 29, 2025, caused a major system disruption across Asahi’s domestic operations, suspending automated order and shipment processes.
Despite the challenges, the company has prioritized maintaining product supply and has begun manual order processing and partial shipments to customers.
Asahi Group Cyberattack Claimed by Qilin
A hacker group calling itself Qilin claimed responsibility for the ransomware attack on October 7, alleging it had stolen more than 9,300 data files, including employee personal information and financial records. The following day, Asahi confirmed that some of the data claimed to be stolen was indeed found online.
Investigations are ongoing to determine the extent of the Asahi Group data breach and the nature of the compromised data. The company stated that while the incident impacted its technology infrastructure in Japan, there is currently no indication that systems or data outside Japan were affected.
“As part of our ongoing investigation, we have confirmed that data suspected to have been transferred without authorization has been found on the internet,” the company said. “We are conducting investigation to determine the nature and scope of the information that may have been subject to unauthorized transfer. Should the investigation confirm any impact from unauthorized data transfer, notifications will be delivered promptly.”
Operational Recovery Underway
The Asahi Group ransomware attack temporarily halted operations at Asahi’s domestic production facilities. However, gradual recovery efforts have been underway since early October.
- Asahi Breweries resumed production at all six of its factories on October 2, with partial shipments of Asahi Super Dry restarting soon after. From October 15, shipments of other products such as Asahi Draft Beer and Asahi Dry Zero are set to partially resume.
- Asahi Soft Drinks began partial production at six of its seven domestic factories by October 8, and all seven factories are expected to resume operations by October 9.
- Asahi Group Foods has also partially resumed production at all seven of its domestic facilities.
Despite these progress updates, Asahi’s systems have yet to be fully restored, and no clear timeline for complete recovery has been provided.
The Asahi Group cyberattack has also delayed access to critical accounting-related data, which has impacted the company’s ability to finalize its third-quarter financial reports.
Financial Reporting Delayed
In its official statement, Asahi Group said the delay in its financial disclosures was necessary to ensure accuracy and compliance. “The Company sincerely apologizes for any inconvenience this postponement may cause to its shareholders, investors, and other stakeholders,” the statement read. The firm added that it is reviewing the impact of the system disruption on its financial performance and will announce a new disclosure date once restoration efforts progress further.
The company has assured that updates regarding the Asahi Group cyberattack, its financial results, and any confirmed data exposures will be made promptly and transparently.
