Asahi Group Holdings, Japan's largest brewing company, suffered a ransomware attack in September 2025, resulting in the theft of personal data from about 2 million customers and employees. The attack disrupted operations primarily at its Japanese branch, halting ordering, shipping, and customer service activities. The Qilin ransomware group claimed responsibility, leaking 27GB of data, including contracts and sensitive employee information. Asahi confirmed on October 3 that they were targeted but did not disclose the attackers' identity at the time. The breach exposed personal information of 1.5 million individuals who interacted with their customer service, including names, addresses, phone numbers, and email addresses. Additional details from the breach involved 114,000 external contacts, 107,000 employees, and 168,000 family members of employees, with information like birthdates and gender also compromised. Asahi stated that no financial details, such as credit card information, were accessed. The investigation revealed that the attackers gained access through network equipment at the company’s site, affecting multiple servers and connected devices. Asahi is actively working on system recovery and has begun resuming shipments as operations stabilize. The company has promised to enhance its information security measures to prevent future incidents.