Japanese beverage giant Asahi has experienced a cyber attack that disrupted order, shipment, and call center operations.
Asahi is Japan’s largest brewer and owns popular global brands like Grolsch, Peroni, and Pilsner Urquell. In 2019, it acquired Fuller’s Brewery, which operates over 380 establishments in southern England and produces more than 200,000 barrels annually.
The company also suspended production in over a dozen Japanese factories and the launch of 12 new products to investigate the cyber incident. Local reports also claim that the cyber attack had caused shortages of the country’s most popular beer, Asahi Super Dry.
Cyber attack disrupts Asahi’s Japan operations
Asahi said its domestic operations were disrupted by a system failure that stemmed from a cyber attack.
“Asahi Group Holdings, Ltd. is currently experiencing a system failure caused by a cyberattack, affecting operations in Japan,” the company stated.
The Tokyo-based beverage giant said it had launched an investigation into the cyber attack and was working to restore impacted systems. However, it declined to say when normal operations would resume.
“We are actively investigating the cause and working to restore operations; however, there is currently no estimated timeline for recovery,” Asahi said.
Meanwhile, preliminary results of the investigation determined that the attackers did not access personal information.
“At this time, there has been no confirmed leakage of personal information or customer data to external parties,” the company advised.
Additionally, the cyber attack was limited to Japan. However, overseas operations, including in the United Kingdom, where the company has a strong presence, were not affected.
Nevertheless, domestic production accounts for nearly half of Asahi’s global output, thus making the cyber attack more significant. Previously, Asahi had warned that a disruptive cyber attack could pose an existential threat to the company.
Details of cyber attack lacking
So far, Asahi has not disclosed the nature of the cyber attack, although it has all the hallmarks of a ransomware incident. Local reports claim that the company had informed law enforcement that ransomware was deployed.
Similarly, the company has yet to disclose the attack vector exploited or the identity of the threat actor. No hacking group has claimed responsibility for the Asahi cyber attack, and the company has not confirmed receiving any ransom demands.
Meanwhile, Asahi is trying to address the shortages by visiting customers and taking orders manually. It also issued a public apology for the disruption caused by the cyber attack.
“We sincerely apologize for any inconvenience caused to our customers and business partners.”
Despite being one of East Asia’s best examples in cybersecurity, Japan has continued to become an attractive target for cybercriminals. According to a May 2025 Teikoku Databank survey, 30.3% of all Japan’s small & medium-sized companies and 41.9% of large corporations have experienced a cyber attack.
The Asahi cyber attack occurred hot on the heels of similar high-profile cybersecurity incidents affecting other large corporations. In recent weeks, one of Britain’s largest automakers, Jaguar Land Rover, suspended global operations after experiencing an apparent ransomware attack that disrupted production, sales, and parts distribution.
The U.K.’s luxury retailers Marks & Spencer, Harrods, and the Co-op have also suffered cyber attacks that disrupted operations and leaked personal data.

