Cybersecurity

Ransomware gang Qilin claims hack that crippled beermaker Asahi

By Jane Lanhee Lee, Margi Murphy and Koh Yoshida
A billboard for Asahi Super Dry beer in Tokyo, Japan, on Oct 3, 2025. The Asahi Super Dry maker has restarted at least six of its 30 factories in Japan after the cyberattack paralysed distribution and forced a halt to most of the company’s domestic production last week. — Bloomberg

A cohort of Russian-speaking hackers known as Qilin has claimed responsibility for a ransomware attack that hobbled Asahi Group Holdings Ltd’s operations for more than a week.

The group stole roughly 27 gigabytes of data from Japan’s biggest beer brewer including financial documents, contracts, development forecasts and employees’ information, Qilin said on its website. Bloomberg was unable to verify the authenticity of the claims. Asahi is investigating the breach, a spokesperson for the Tokyo-based company said, declining to provide more details.

The outage at Asahi was the latest in a global wave of cyber-incidents that have hit carmakers, financial firms and hospitals. The hack underscores Japan’s vulnerability to online attacks, where even brief halts can ripple from factory floors to store shelves and restaurants given the country’s intricate supply chains.

The Asahi Super Dry maker has restarted at least six of its 30 factories in Japan after the cyberattack paralysed distribution and forced a halt to most of the company’s domestic production last week. A timeline for full restoration of Asahi’s systems remains uncertain. Employees have been processing orders over the phone, said the company, which first reported the hack on Sept 29.

Qilin has been active since mid-2022 and targeted more than a hundred companies in more than a dozen countries, according to a list of alleged victims on the gang’s website. The group has said it was involved in a US$50mil (RM211mil) ransomware hack on UK hospital lab-service provider Synnovis, which led to hundreds of canceled operations and outpatient appointments in 2024.

The group encrypts files on infected computers to prevent access. It also often steals data, which it then threatens to publish, if the target refuses to pay for the decryption key and opts to rebuild the computer system from a backup database. Such so-called double-extortion methods have become increasingly popular as a means to compel payments, according to Jon Clay, vice president of threat intelligence at Trend Micro.

It’s not clear if Qilin’s blog entry – which included screenshots of data it says it stole from Asahi – means the brewer refused to pay a ransom. – Bloomberg 

Follow us on our official WhatsApp channel for breaking news alerts and key updates!

Next In Tech News
US activists work to connect Iranians via Starlink
New on the iPhone: Shazam songs even when offline with iOS 26.4
First Robot: Melania Trump brings droid to White House event
Why AI means animal testing is not always needed to trial new medicines
Day of reckoning arrives for social media after US court loss
Teens get probation after using AI to create fake nudes of classmates
Revolut to base 40% of its global workforce in India by 2026
Apple rolls out age checks for UK users
Munich Re: AI making cyber attacks costlier and more effective
Nanya Technology shares surge 10% after $2.5 billion fundraising

Trending in Tech

Others Also Read

Load more

Copyright © 1995- Star Media Group Berhad [197101000523 (10894-D)]

Best viewed on Chrome browsers.