27 November 2025 – Asahi Group Holdings has disclosed that approximately 1.914 million personal records were either confirmed stolen or potentially exposed following a ransomware attack on its Japanese systems in September 2025. The incident, which disrupted production and distribution for over a week, now ranks as the largest single data breach in the global drinks industry this year.
The compromised or at-risk data belongs to four main groups, all limited to systems managed in Japan:
- 1,525,000 individuals who contacted customer service centres of Asahi Breweries, Asahi Soft Drinks, and Asahi Group Foods (name, gender, address, phone, email)
- 114,000 external recipients of ceremonial congratulatory or condolence telegrams (name, address, phone)
- 107,000 current and former employees (including additional fields such as date of birth)
- 168,000 family members of employees and retirees
Asahi stressed that no credit card information was affected and, to date, there is no evidence of the stolen data being published online. Only 18 employee records stored on company-issued PCs have been confirmed as exfiltrated.
Business Impact Remains Significant
The attack triggered widespread system outages in September. Soft-drink sales in Japan plummeted by around 40% in October, while beer sales held above 90% of the prior-year level. Food division revenue fell more than 20%, though Asahi prioritised high-social-need items such as infant formula.
Order processing continues largely manually. The company told trade customers on 24 November that logistics systems are targeted for full restoration by February 2026 at the latest, with system-based ordering across its three main domestic units set to resume in early December.
Subscribe to our newsletter
As a direct result of the incident, Asahi has postponed its full-year 2025 results and was unable to provide accurate revenue or profit figures for its Japan and East Asia segment in yesterday’s third-quarter update. Europe revenue declined 3% in the nine months to 30 September, affected by weak consumption and poor summer weather, while Asia-Pacific (ex-Japan) grew 3.1%, driven by non-alcoholic beverages.
Response and Recovery
President and CEO Atsushi Katsuki issued a public apology on 27 November: “I sincerely apologise for the inconvenience caused to all stakeholders by the recent system disruption. We are making every effort to restore systems as quickly as possible while strengthening group-wide information security.”
Asahi is working with external cybersecurity specialists on phased recovery of verified-secure systems and devices. Measures underway include enhanced monitoring, redesigned network controls, revised backup strategies, and updated business continuity plans.
The breach originated through network equipment at a domestic site and affected only Japan-managed infrastructure. Operations in Europe, Oceania, and South-East Asia remain unaffected.
For the Japanese market, the coming first quarter of 2026 will be the critical period to assess how quickly Asahi can return to normal trading levels.
