TOKYO, November 27, 2025 – Japan’s Asahi Group Holdings, maker of the popular Super Dry beer, announced on Thursday that it aims to normalize its logistical operations by February 2026 following a cyberattack in late September that caused widespread disruption. However, the company cautioned that not all products will be available for shipment by that time.

Details of the Cyberattack

The cyberattack, which occurred on September 29, 2025, disrupted order processing, shipping, and call center operations across the beverage maker’s domestic network. Asahi also reported that the personal details of 1.52 million customers may have been exposed. Additionally, information related to 114,000 contacts and 275,000 current and former employees and their families might have been compromised, although none of this data has appeared online, according to the company.

The ransomware group Qilin claimed responsibility for the attack on October 9. CEO Atsushi Katsuki confirmed that Asahi has not paid any ransom.

Operational and Financial Impact

The attack forced Asahi to delay key financial disclosures:

• Third-quarter earnings, originally due November 12, were postponed by over 45 days
• Full-year earnings, ending December 31, 2025, will be released more than 50 days after the fiscal year-end

Production at six domestic factories resumed in the week following the cyberattack. However, the disruption caused shortages across restaurants, bars, and retail outlets in Japan. October sales for Asahi’s three primary domestic beverage and food units fell 10% to 40% compared with the same period last year.

Despite these challenges, Katsuki reaffirmed that Asahi’s mid-to-long-term management plan remains unchanged, although the company anticipates a deterioration in short-term results.

Broader Context: Rising Cyber Threats

Asahi’s attack is part of a growing trend of cyberattacks targeting major corporations worldwide. Earlier in 2025:

• Automaker Jaguar Land Rover had to close factories following a cyberattack
• Retailer Marks and Spencer temporarily suspended online orders

The incident highlights the vulnerability of logistics and production systems to ransomware attacks, prompting companies globally to strengthen cybersecurity defenses.

Recovery Plan

Asahi is working to fully restore its logistics network by February 2026, ensuring a gradual return to normal operations. The company aims to resume full product availability as quickly as possible while maintaining the security of customer and employee data.