Japan’s leading beverage company, Asahi, has suffered a significant disruption to its operations following a cyberattack that began on 29 September 2025.
The attack has led to a complete system failure, halting production, order processing, shipping, and customer service activities across the company’s Japanese operations.
Asahi said that there has been no confirmed leakage of personal or customer data to external parties.
Asahi Group Holdings is known for its diverse portfolio of brands, including Asahi Super Dry beer, Nikka Whisky, and Mitsuya Cider.
Established in 1889 and headquartered in Tokyo, the company operates 30 plants in Japan and has a presence in Europe, Oceania, and Southeast Asia.
The cyberattack has led to the suspension of critical operations within Japan, including:
- Order and shipment operations at group companies in Japan
- Call center operations, including customer service desks
Asahi said the system failure is currently limited to its operations within Japan and that there is no estimated timeline for recovery. Still, it is actively investigating the cause of the disruption and working to restore operations.
It has also assured customers and business partners that it is taking all necessary measures to address the situation and prevent future occurrences.
“We sincerely apologize for any inconvenience caused to our customers and business partners,” the statement read.
Anna Collard, SVP of Content Strategy and Evangelist at KnowBe4, commented: “Asahi Group Holdings’ transparent communication following their cyberattack demonstrates exemplary crisis management, with the company proactively disclosing the incident’s operational impact while reassuring stakeholders that no personal or customer data has been confirmed compromised.”
She added that the attack’s severe disruption to ordering and shipping operations underscores how cybercrime increasingly targets physical supply chains.
“Asahi’s foresight in identifying cyberattacks as a key risk in their 2024 report and actively reviewing their security systems likely contributed to their measured and professional crisis response. This highlights the importance of cyber incident response in organizations’ overall risk and resilience management processes.”
Information Security Buzz News Editor
Kirsten Doyle has been in the technology journalism and editing space for nearly 24 years, during which time she has developed a great love for all aspects of technology, as well as words themselves. Her experience spans B2B tech, with a lot of focus on cybersecurity, cloud, enterprise, digital transformation, and data centre. Her specialties are in news, thought leadership, features, white papers, and PR writing, and she is an experienced editor for both print and online publications.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.