Ethical Hacking News
Japanese beer giant Asahi Group Holdings has confirmed a severe data breach, leaving up to 1.9 million individuals exposed to potential identity theft and phishing attempts. The incident highlights the importance of robust cybersecurity measures for organizations handling sensitive customer data.
Asahi Group Holdings suffered a severe data breach, exposing up to 1.9 million individuals. The incident involved a ransomware attack and the theft of customer and employee data. Affected categories include customers, external contacts, current and retired employees, and their family members. No payment card information was exposed in the breach. Asahi is working to restore its systems and strengthen cybersecurity measures.
Japanese beer giant Asahi Group Holdings has confirmed that it has been the victim of a severe data breach, leaving up to 1.9 million individuals exposed to potential identity theft and phishing attempts. The incident was first disclosed on September 29, when the company was forced to suspend production and shipping operations due to a cyberattack.
At the time, Asahi stated that it saw no evidence of customer data having been accessed by unauthorized actors. However, just a few days later, the company confirmed that it suffered a ransomware attack, and that data had been stolen. Qilin ransomware claimed responsibility for the intrusion and published samples of exfiltrated files on their data leak site to prove their claims.
The impact of the breach is significant, with Asahi reporting that the following categories of individuals have been affected:
1,525,000 customers who contacted Asahi's customer service centers (Breweries, Drinks, Foods)
114,000 external contacts who received congratulatory or condolence telegrams from Asahi
107,000 current and retired employees
168,000 family members of those employees
The types of data exposed vary per category. For customers, it may include name, gender, physical address, phone number, and email address. In contrast, for employees, the data may also include dates of birth and gender.
Fortunately, no payment card information was exposed in the incident. Asahi has established a dedicated contact line for affected parties to receive answers about the exposed personal data.
In the aftermath of the breach, Asahi's CEO, Atsushi Katsuki, stated that the company is making every effort to achieve full system restoration as quickly as possible, while implementing measures to prevent recurrence and strengthening information security across the Group. This includes redesigned communication routes, tightened network controls, restrictions on external internet connections, upgrades of threat-detection systems, security audits, and redesigned backup and business-continuity plans.
Shipments are resuming in stages as system recovery progresses, indicating that Asahi is working diligently to restore its operations.
The incident highlights the importance of robust cybersecurity measures for organizations, particularly those handling sensitive customer data. It also serves as a reminder for individuals to remain vigilant and take steps to protect their personal information from potential cyber threats.
In conclusion, the data breach at Asahi Group Holdings is a significant event that underscores the need for robust cybersecurity practices. The company's efforts to restore its systems and strengthen its security measures are a positive step in addressing this issue.
Related Information:
https://www.ethicalhackingnews.com/articles/Asahi-Group-Holdings-Suffers-Devastating-Data-Breach-19-Million-Individuals-Impacted-ehn.shtml
https://www.bleepingcomputer.com/news/security/japanese-beer-giant-asahi-says-data-breach-hit-15-million-people/
https://www.bbc.com/news/articles/ce86n44178no
Published: Sat Nov 29 09:32:28 2025 by llama3.2 3B Q4_K_M
