-
Asahi Group has become a victim of a recent ransomware breach, which led to the exposure of credentials of over 1.5 million clients.
-
The hackers hacked into Asahi’s servers and computers, stealing personal data of customers, external parties, and employees.
-
The Qilin gang claims ownership of the cyber hack, listing Asahi Group on its dark web leak site.
Asahi Group Holdings announced that it experienced a ransomware attack that led to the leak of more than 1.5 million customers’ personal information. The Japanese brewing firm noted that it spotted this hack on September 29th. The beer producer noted that hackers gained access to its networks via “equipment” situated at its site.
The threat actor released the encryptor on several servers and certain connected personal computers (PCs). However, the actor didn’t do that until it exfiltrated useful data from Asahi’s company-issued computers that were provided to specific employees.
Asahi Group Experiences Notable Breach
Speaking at a Thursday news conference, Asahi said that it had commenced investigations following the identification of the ransomware hack. The firm noted that the breach affected operations in Japan, causing workers to take orders using pen and paper instead of computers.
The beer maker noted that attackers may have compromised the personal information of individuals who communicated with its customer service offices. The firm also indicated that it will soon contact the individuals affected by the incident. Asahi also stated that it is going to delay the release of its complete financial results for the year as it is concentrating on reducing the risk associated with the attack. In addition, Asahi said that it did not make any comments about the demands of the threat actor or any information regarding their identity.
There is currently no proof that the hacker claims to misuse or seeks to sell the data online. However, a notorious ransomware threat actor, Qilin, which has previously attacked other prominent firms, claims responsibility for the Asahai hack.
Asahi’s chief executive officer, Katsuki Atsushi, discussed the recent data breach during the conference, saying that the hacker had repeatedly breached its servers. Individuals who contacted Asahi’s customer service centers, Asahi Soft Drinks, or Asahi Group Foods may have also been compromised. Overall, attackers may have exposed the credentials of about 1,525,000 individuals.
Attackers may have also exposed an additional 300,000 individuals, including employees, their relatives, and external contacts.
Qilin Takes Responsibility for the Breach
Qilin ransomware gang listed the Asahi group on its dark web data leak website. According to the group’s claim, it has stolen over 27GB worth of files from Asahi, which include contracts and budgets, financial files, and the personal information of workers. Furthermore, the group may have stolen development forecasts and plans of Asahi.
According to a recent report, Guidepoint noted that the Russia-linked threat-acting group currently ranks as the leading ransomware group globally. Qilin’s activities reportedly leaped to 318% YoY during the previous quarter, and have claimed a staggering 234 victims worldwide. Furthermore, the report showed that the group has claimed responsibility for hacks on manufacturers, retailers, financial companies, healthcare providers, and government agencies globally.
In the past months, Qilin has listed prominent entities on its data leak website, such as IGT—a worldwide gambling tech provider—in August 2025. The threat actor group also breached into Nissan Creative Box, which is the creative subsidiary of the Japanese multinational automobile manufacturing company, and has even targeted national security, as seen in their claim of data theft from Australian naval programs.
