Japan’s largest brewing conglomerate, Asahi Group Holdings, has been brought to a standstill following a sophisticated cyberattack that has paralyzed operations across its 30 domestic factories, forcing the suspension of order processing, shipping operations, and customer service functions throughout the country.
Attack Timeline and Impact
The cyberattack was first detected on September 29, 2025, at approximately 7:00 a.m. Japan Standard Time, when Asahi’s IT systems experienced a catastrophic failure. Within hours, the company was forced to suspend critical business operations across its entire Japanese network.
As of Tuesday, September 30, production at an undisclosed number of the company’s 30 domestic factories remained suspended as investigators worked to determine the full extent of the breach. The company has stated it cannot provide an estimated timeline for when normal operations will resume. 
“Asahi Group Holdings is currently experiencing a system failure caused by a cyberattack, affecting operations in Japan,” the company said in an official statement. “We are actively investigating the cause and working to restore operations; however, there is currently no estimated timeline for recovery.”
Operations Affected
The cyberattack has disrupted multiple critical business functions:
- Manufacturing Operations: Production has been halted at multiple factories across Japan’s domestic network
- Order Processing: All order intake systems for Japanese operations have been suspended
- Shipping and Distribution: The company’s logistics and distribution networks are offline
- Customer Service: Call center operations have been taken offline as a precautionary measure
The company has emphasized that the system failure is limited to its operations within Japan. Asahi’s European manufacturing facilities, including its UK beer supply chains, remain unaffected by the incident.
Financial Implications
The timing of the attack could not be worse for Asahi Group Holdings. The Japanese domestic market accounts for approximately half of the company’s total sales revenue, making this disruption a significant threat to the company’s financial performance.
Industry analysts are drawing comparisons to recent cyberattacks in the retail and food sectors. Earlier this year, UK retailer The Co-operative Group reported a £120 million ($153 million) hit to profits following a cyberattack that forced the shutdown of parts of its supply chain and logistics network. Marks & Spencer faced a similar attack in April 2025, which cost the retailer approximately $300 million.
If the Asahi outage extends for weeks rather than days, the financial impact could reach similar levels, particularly given the company’s dominant position in Japan’s beverage market.
About Asahi Group Holdings
Asahi Group Holdings, whose name means “morning sun” in Japanese, was founded in 1889 and has grown into one of the world’s largest beverage conglomerates. The company bottled its first Asahi Draft Beer in Japan in 1900 and has since expanded into a sprawling drinks empire.
The company’s portfolio includes:
- Flagship Japanese Brands: Asahi Super Dry Beer, Nikka Whisky, and Mitsuya Cider
- International Beer Brands: Peroni, Pilsner Urquell, Grolsch, London Pride, and Fuller’s
- Non-Alcoholic Beverages: A diverse range of soft drinks and other beverages
Data Security Status
In what may be the only positive aspect of this crisis, Asahi has confirmed that there has been no evidence of personal information or customer data being leaked to external parties. The company emphasized that its investigation has found no confirmed data breach affecting consumer privacy.
However, the company has not disclosed the nature of the attack, whether ransom demands have been made, or the identity of the attackers.
Rising Cyber Threat in Japan
The Asahi incident highlights the escalating cybersecurity crisis facing Japanese corporations. According to a May 2025 survey conducted by Teikoku Databank, approximately one-third of Japanese companies have experienced a cyberattack, representing a significant increase in threat activity.
Distributed denial-of-service (DDoS) attacks, which overwhelm networks with traffic to disable them, increased by 60% in December 2024 compared to the previous year, reaching an all-time high in Japan.
Industry-Wide Vulnerability
The attack on Asahi is the latest in a disturbing pattern of cyberattacks targeting major food and beverage manufacturers in 2025:
- May 2025: Danish dairy giant Arla Foods suffered a cyberattack
- May 2025: German brewer Oettinger experienced a cyber incident
- July 2025: Russian distiller Novabev Group was targeted by hackers
- August 2025: Jaguar Land Rover was forced to halt work at three UK factories following a cyberattack
- April 2025: UK retailers The Co-operative Group and Marks & Spencer both suffered major attacks
The frequency and severity of these attacks suggest that food and beverage supply chains have become priority targets for cybercriminals, possibly due to the sector’s critical infrastructure status and willingness to pay ransoms to restore operations quickly.
Risk Management Concerns
In a prescient warning, Asahi highlighted the potential for cyberattacks in its 2024 annual report, identifying such incidents among the most prominent risks facing the company. The report specifically warned that a successful cyberattack could “interrupt Asahi’s business and cash flow, and damage its brand.”
That warning has now materialized into reality, with the company facing an indefinite operational shutdown that threatens both its financial performance and market reputation.
Response and Recovery Efforts
Asahi has assembled a response team to investigate the attack and restore operations, but the company has been candid about the uncertainty surrounding recovery. Without a clear timeline for restoration, the company faces mounting pressure from retailers, distributors, and consumers who depend on its products.
The Japanese government has not yet commented publicly on the incident, though cybersecurity experts expect increased scrutiny of critical infrastructure protection measures across the manufacturing sector.
Looking Ahead
As Asahi works to restore its systems and resume production, the incident serves as a stark reminder of the vulnerability of modern manufacturing operations to cyber threats. The company’s experience may prompt other major corporations to reassess their cybersecurity infrastructure and incident response capabilities.
For now, Japanese consumers and international markets supplied by Asahi’s domestic operations will need to make do with existing stock levels while the company works to bring its 30 factories back online.
The company has apologized to customers and business partners for the inconvenience caused by the suspension of operations and has committed to providing updates as the situation develops.
This is a developing story. Information will be updated as more details become available.
