Japan’s leading beer producer, Asahi Group Holdings, grapples with a major ransomware attack that halts domestic production and exposes critical cybersecurity shortcomings, raising concerns over the nation’s digital resilience.
Asahi Group Holdings Ltd., Japan’s producer of the country’s most popular beer, Asahi Super Dry, has revealed that a ransomware cyberattack has brought production at its domestic factories to a standstill, exposing significant vulnerabili...
Continue Reading This Article
Enjoy this article as well as all of our content, including reports, news, tips and more.
By registering or signing into your SRM Today account, you agree to SRM Today's Terms of Use and consent to the processing of your personal information as described in our Privacy Policy.
ties in Japan’s cybersecurity preparedness. The company confirmed that the attackers infiltrated its systems using ransomware, which has paralyzed critical operations including ordering, shipment, and call centre services across its domestic group companies.
The incident, first reported at the end of September 2025, forced the halt of production at most of Asahi’s approximately 30 factories in Japan. While the group has isolated the affected systems and initiated some manual order-taking and shipping processes, it still cannot estimate when normal operations will resume. Speaking in an official statement, Atsushi Katsuki, president and group CEO of Asahi, said the company is “investigating the content and scope of any possible information leak” and striving “to achieve recovery at the earliest possible date, while prioritizing product supply to customers and finding alternative means to fulfil orders.”
Despite assurances that no personal or customer data has yet been confirmed as compromised, cybersecurity experts warn this could change as investigations continue, with traces suggesting potential unauthorised data transfers. The attack’s impact remains confined to Asahi’s domestic operations; its overseas business, including brands like Peroni and Fullers, remains unaffected. Nevertheless, the disruption is already being felt widely in Japan, with major retailers such as Seven & i Holdings, and convenience store chains Lawson and FamilyMart warning customers to brace for shortages of Asahi products, including beer and other food items.
Industry insiders and security specialists point to the prolonged recovery time as indicative of inadequate preparation for large-scale cyber incidents. Nobuo Miwa, representative director at security firm S&J Corp., remarked, “The fact that a big company like this is taking so long to recover shows their preparation was inadequate. This should’ve been anticipated and planned for.” This sentiment underscores growing concerns about Japan’s digital supply chains, which tightly link factory production floors to retail outlets in everyday life. The incident has raised alarm bells about the country’s overall cybersecurity resilience, particularly given the increasing prevalence of ransomware attacks globally.
The disruption extends beyond warehouses and retail stores, affecting businesses like the Marugen Ramen chain and shabu-shabu restaurant chain Kisoji, which are considering shifting to rival brands such as Suntory and Kirin should Asahi’s stock run out. Although many 7-Eleven stores source soft drinks from dedicated inventory hubs to limit immediate impact, some e-commerce platforms, including Aeon supermarket, have temporarily suspended sales of Asahi beverages.
Cybersecurity consultant David Suzuki highlighted the broader implications for Japan’s general public, stating that if Asahi beer were to disappear from shelves, it would serve as a wake-up call in a country where cyber-literacy remains low and small- to medium-sized businesses dominate the economy. He noted, “It’s not life-threatening, but it actually makes the average consumer—the average person on the street—realise that ‘Oh, this can actually affect me.’”
Asahi’s shares have reacted negatively to the incident, dropping approximately 7% amid uncertainty over the duration and full impact of the cyberattack. The company competes fiercely in a saturated Japanese beverage market alongside Kirin Holdings and Suntory Beverage & Food.
In response, Asahi established an Emergency Response Headquarters and is working with external cybersecurity experts to restore systems. The company has also started to gradually resume call centre operations to manage customer enquiries and is prioritising the safeguarding of critical data, including personal information about customers and business partners.
The company has not provided a timeline for recovery and is still assessing potential impacts on its financial results for the fiscal year ending December 2025.
This high-profile attack reveals how even large and otherwise well-resourced corporations are vulnerable to cyber threats, highlighting an urgent need for robust cybersecurity strategies in Japan’s corporate and public sectors as ransomware attacks continue to rise. According to the National Police Agency, Japan experienced 116 reported ransomware cases in the first half of 2025 alone, equalling the previous six-month record set in late 2022. Such data underscores that cyber threats are both persistent and escalating within the country’s increasingly digital economy.
Source: Noah Wire Services
