Asahi has confirmed it has been the victim of a ransomware attack, resulting in an “unauthorized transfer of data” from its servers.
The brewing giant provided the update on October 3, around one week after disclosing it had been targeted by a cyber-attack which forced it to suspend some domestic operations in Japan.
The company established an Emergency Response Headquarters to investigate the incident, which discovered that the attack was ransomware related.
“Subsequent investigations have confirmed traces suggesting a potential unauthorized transfer of data. We are conducting investigation to determine the nature and scope of the information that may have been subject to unauthorized transfer,” Asahi wrote.
The firm said it isolated affected systems to try and safeguard critical data, including the personal information of customers and business partners.
No information has been provided on whether a ransom demand has been issued by the hackers.
“To prevent further damage, we are withholding specific details regarding the cyber-attack,” Asahi added.
No ransomware group appears to have claimed the attack at the time of writing.
Asahi Begins Manual Operations, But Disruption Continues
The Tokyo-based company, which owns a range of well-known global drinks brands, also provided more details on the operational impact caused by containment measures.
Order and shipment operations at group companies in Japan were immediately suspended following detection, as were call center operations, including customer service desks.
In the latest update, Asahi revealed that system-based order and shipment processes remain suspended. It is also currently unable to receive email communications from external sources.
However, the company has begun partial manual order processing and shipment. In addition, it aims to “partially and gradually” resume call center operations, including customer services, across its Asahi Breweries, Asahi Soft Drinks and Asahi Group Foods, during the week starting October 6.
“While we are unable to provide a clear timeline for recovery at this time, our Emergency Response Headquarters is working in collaboration with external cybersecurity experts to restore the system as quickly as possible. The scope of the system disruption is currently limited to Japan,” Asahi noted.
On October 1, the company announced it had postponed the launch of a new product scheduled to be released in October due to the cyber-attack. A new release date has not been confirmed at this time.
The potential impact of the incident on Asahi’s financial results for fiscal year 2025 is currently under review.
Image credit: karanik yimpat / Shutterstock.com