Japanese brewer Asahi mentioned on Thursday {that a} ransomware assault on its techniques earlier this yr might have uncovered the non-public knowledge of about 1.5 million prospects, in addition to 1000’s of workers, their relations and exterior contacts.
The corporate mentioned the compromised data consists of names, gender, addresses and cellphone numbers, however not credit-card particulars. Asahi has seen no proof the info has been printed on-line and mentioned the affect seems restricted to techniques managed in Japan.
The disclosure follows a two-month investigation into the late-September incident, which compelled manufacturing shutdowns, delayed product launches and disrupted order processing and delivery nationwide — inflicting shortages of Asahi’s beer and delicate drinks. The corporate controls roughly 40% of Japan’s beer market, together with its flagship Tremendous Dry model.
Based on Asahi, attackers infiltrated its data-center community by way of tools at one in every of its home websites and deployed ransomware that encrypted a number of energetic servers and private computer systems. Some worker laptops on mortgage from the corporate have been additionally compromised.
Asahi mentioned it has spent roughly two months containing the assault and is progressively restoring shipments. It goals to normalize logistics operations by February, though some merchandise will proceed to face delays. The corporate has additionally pushed again its annual monetary outcomes by 50 days on account of disruptions in its accounting techniques.
“We’ll do our utmost to totally restore our techniques as shortly as doable,” President Atsushi Katsugi mentioned, including that the corporate is implementing new safety measures to forestall a recurrence.
Asahi didn’t determine the attacker, however in October the Russian-speaking Qilin ransomware gang claimed duty, alleging it stole monetary knowledge, worker data and inside forecasts. Asahi’s CEO mentioned Thursday the corporate has not paid a ransom.
Qilin, energetic since 2022, operates a ransomware-as-a-service mannequin and has beforehand focused hospitals, authorities businesses and personal corporations.
Japan has confronted a number of main cyber incidents in current months. Workplace-supply retailer Askul mentioned knowledge on prospects and suppliers was leaked after an October ransomware assault claimed by the RansomHouse group. Different victims embrace logistics supplier Kintetsu World Specific, cell service NTT Docomo and media conglomerate Kadokawa.
Recorded Future
Intelligence Cloud.
Study extra.
