Asahi Group Holdings, a major Japanese food and beverage company, suffered a **ransomware attack** claimed by the hacker group **Qilin** on **October 7, 2024**. The attackers allegedly stole **over 9,300 data files**, including **financial records and personal information of employees**. While it remains unclear whether **customer or business partner data** was compromised, the breach forced the company to **postpone its Q1–Q3 earnings release** (originally scheduled for **November 12**) due to system disruptions. The company **confirmed the leaked data’s presence online** the following day, and its systems **remain unrecovered**, forcing manual order processing. The attack’s financial and operational impact includes **delayed reporting, potential reputational damage, and operational inefficiencies**, though the full scope of data exposure—particularly regarding customers—is still under investigation. The involvement of ransomware and theft of **employee personal data** elevates the incident’s severity, with potential long-term consequences for trust and regulatory compliance.
Source: https://www.japantimes.co.jp/business/2025/10/15/companies/asahi-cyberattack-personal-information/
TPRM report: https://www.rankiteo.com/company/asahigroup-holdings
"id": "asa2392123101525",
"linkid": "asahigroup-holdings",
"type": "Ransomware",
"date": "10/2024",
"severity": "85",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Food and Beverage',
'location': 'Japan',
'name': 'Asahi Group Holdings',
'type': 'Corporation'}],
'data_breach': {'data_exfiltration': True,
'number_of_records_exposed': 'Over 9,300 files',
'personally_identifiable_information': True,
'sensitivity_of_data': 'High (includes personal and financial '
'data)',
'type_of_data_compromised': ['financial data',
'employee personal information']},
'date_publicly_disclosed': '2023-10-08',
'description': 'Asahi Group Holdings, a Japanese food and beverage company, '
'experienced a ransomware attack in October 2023. The hacker '
'group Qilin claimed responsibility, stating it stole over '
'9,300 data files, including financial data and employee '
'personal information. The attack disrupted operations, '
'delaying earnings reports and forcing manual order '
'processing. The company confirmed the potential breach of '
'personal data on October 8, 2023.',
'impact': {'data_compromised': True,
'downtime': True,
'identity_theft_risk': 'Potential (employee personal information '
'compromised)',
'operational_impact': 'Manual order processing; delayed earnings '
'release (postponed from November 12, 2023)',
'systems_affected': True},
'initial_access_broker': {'high_value_targets': ['financial data',
'employee personal '
'information']},
'investigation_status': 'Ongoing (systems not yet restored as of the report)',
'ransomware': {'data_exfiltration': True},
'references': [{'source': 'News report (unspecified)'}],
'response': {'recovery_measures': 'Manual order processing (temporary '
'workaround)'},
'threat_actor': 'Qilin',
'title': 'Cyberattack and Potential Data Breach at Asahi Group Holdings',
'type': ['ransomware', 'data breach']}