A ransomware attack has crippled production at Japan’s largest brewer, Asahi Group, threatening to deplete stocks of its popular Super Dry beer and other beverages. The cyber incident, claimed by the hacker group Qilin, has exposed vulnerabilities in the country’s corporate cybersecurity defenses.
The cyberattack, which occurred last week, forced Asahi to halt order placement and shipping operations, leading to the shutdown of most of its 30 factories across Japan. This disruption has caused shortages of Asahi products in convenience stores and supermarkets, with some retailers warning of potential stockouts. The company confirmed that the attack involved ransomware, though it is unclear if a ransom was demanded.
On Tuesday, the ransomware group Qilin claimed responsibility for the attack, stating they had stolen approximately 27 gigabytes of data from Asahi. The stolen information reportedly includes financial data, contracts, and employee details, with some files made publicly available. Asahi is investigating the breach and potential unauthorized data transfers, while cybersecurity firms have verified aspects of Qilin’s claims.
In response, Asahi has restarted operations at all six of its alcohol factories, but full production and shipment capabilities have not yet been restored. The Japanese government, through Chief Cabinet Secretary Yoshimasa Hayashi, has pledged to strengthen cybersecurity measures nationwide, emphasizing that such system failures could jeopardize public safety. Asahi is working to resume normal operations, but demand continues to outpace current delivery capacity.
The attack highlights significant cybersecurity challenges in Japan, where a shortage of skilled professionals and low digital literacy have left many companies vulnerable. Experts note that Japan has been slower to adopt robust cyber defenses compared to other nations, with recent incidents serving as wake-up calls. The National Police Agency reported 116 ransomware attacks in the first half of 2025, with recovery costs rising.
Cybersecurity experts, such as Cartan McLaughlin of Nihon Cyber Defense, suggest that the real number of attacks is likely ten times higher due to underreporting. The use of advanced technologies, including artificial intelligence, has made it easier for threat actors to target large enterprises. Masaki Hiraoka of Blackpanda emphasized that companies must focus not only on prevention but also on effective response and recovery strategies.
Consumers in Japan are facing the prospect of beer shortages, with Asahi Super Dry being a top-selling brand. Convenience store chains have reported stock issues, and there are concerns about panic buying. Tokyo resident Shoko Watanabe expressed surprise that a major corporation could be so severely impacted, reflecting public unease over the incident.
As Asahi works to recover, the incident underscores the inevitability of cyber threats in today’s digital landscape. The Japanese government’s new cybersecurity law and the establishment of the National Cybersecurity Office are steps toward better preparedness, but more needs to be done. Companies are urged to establish clear response plans and partnerships with cyber incident response providers to minimize future disruptions.