Asahi Group Holdings Ltd. hit by cyberattack
Incident
Summary
Hide ▲
Show ▼
Asahi Group Holdings, Ltd. disclosed that a ransomware attack caused the IT disruptions that forced it to shut down factories in Japan this week. The company said its servers were targeted by ransomware and that investigators found evidence of data theft from compromised devices. Asahi has shifted to manual order and shipment processing while restoration work continues, and no ransomware operation has claimed responsibility.
Related Happenings
TeamPCP and Vect partner to turn supply-chain compromises into ransomware follow-on campaigns
Threat Actor Meta
First: 31.03.2026 15:15
Last: 31.03.2026 15:15
Sources 1
About this happening:
TeamPCP and **Vect ransomware group** are linking **supply-chain compromises** to **follow-on ransomware campaigns**, broadening extortion risk for affected organizations. The shi...
TeamPCP and Vect partner to turn supply-chain compromises into ransomware follow-on campaigns
Threat Actor MetaAbout this happening: TeamPCP and **Vect ransomware group** are linking **supply-chain compromises** to **follow-on ransomware campaigns**, broadening extortion risk for affected organizations. The shi...
Beast ransomware group’s RaaS model and shared TTPs exposed through an open server
Threat Actor Meta
First: 20.03.2026 18:31
Last: 20.03.2026 18:31
Sources 1
About this happening:
An exposed **Beast ransomware group** server now shows its **RaaS operating model** and reusable toolset, complicating attribution across ransomware crews. The recovered materials...
Beast ransomware group’s RaaS model and shared TTPs exposed through an open server
Threat Actor MetaAbout this happening: An exposed **Beast ransomware group** server now shows its **RaaS operating model** and reusable toolset, complicating attribution across ransomware crews. The recovered materials...
The Gentlemen RaaS split exposed by hastalamuerte
Threat Actor Meta
First: 19.03.2026 18:00
Last: 19.03.2026 18:00
Sources 1
About this happening:
**hastalamuerte** exposed the internal workings of **The Gentlemen** ransomware group, revealing a **Qilin-related RaaS split** that shows how affiliate-driven ecosystems can rapi...
The Gentlemen RaaS split exposed by hastalamuerte
Threat Actor MetaAbout this happening: **hastalamuerte** exposed the internal workings of **The Gentlemen** ransomware group, revealing a **Qilin-related RaaS split** that shows how affiliate-driven ecosystems can rapi...
Advantest Corporation hit by ransomware attack
Incident
First: 20.02.2026 11:31
Last: 20.02.2026 11:31
Sources 1
About this happening:
**Advantest Corporation** disclosed a **ransomware intrusion** after detecting an **IT network intrusion** on **February 15**. Preliminary findings indicate an **unauthorized thir...
Advantest Corporation hit by ransomware attack
IncidentAbout this happening: **Advantest Corporation** disclosed a **ransomware intrusion** after detecting an **IT network intrusion** on **February 15**. Preliminary findings indicate an **unauthorized thir...
Latest development: 23.02.2026 13:30
As of February 23, 2026, Advantest Corporation said it had not confirmed a data breach after its ransomware incident and continued its investigation. The company said it had not confirmed which IT services were compromised or whether customer or employee data was affected.
Washington Hotel brand in Japan / Fujita Kanko hit by ransomware attack
Incident
First: 16.02.2026 23:10
Last: 16.02.2026 23:10
Sources 1
About this happening:
The **Washington Hotel** brand in **Japan** disclosed a **ransomware attack** that compromised its servers and exposed **various business data**. The incident matters because some...
Washington Hotel brand in Japan / Fujita Kanko hit by ransomware attack
IncidentAbout this happening: The **Washington Hotel** brand in **Japan** disclosed a **ransomware attack** that compromised its servers and exposed **various business data**. The incident matters because some...
Timeline
-
08.10.2025 12:15 2 articles · 7mo ago
Qilin claims responsibility for Asahi attack
Attribution UpdateQilin added Asahi to its leak site on Tuesday, claiming responsibility for the ransomware attack on Asahi’s Japan operations and alleging theft of 27 gigabytes of data and over 9,000 files, including contracts, employee information, financial documents, forecasts, and other business data.
Show sources
- Ransomware Group Claims Attack on Beer Giant Asahi — www.securityweek.com — 08.10.2025 12:15
- Qilin ransomware claims Asahi brewery attack, leaks data — www.bleepingcomputer.com — 08.10.2025 21:42
-
06.10.2025 12:30 1 articles · 7mo ago
Asahi confirms ransomware attack and data transfer
Technical Analysis UpdateAsahi Group Holdings, Ltd. confirmed that its servers were hit by a ransomware attack that caused an unauthorized transfer of data, and it said investigators found traces suggesting information may have been exposed. The company isolated affected systems to protect critical data, kept system-based order and shipment processes suspended in Japan, and began partial manual order processing while planning a gradual resumption of call center operations.
Show sources
- Asahi Confirms Ransomware Attack, Data Stolen from Servers — www.infosecurity-magazine.com — 06.10.2025 12:30
-
29.09.2025 23:44 4 articles · 7mo ago
Japan operations disrupted after cyberattack
Victim Impact UpdateAsahi Group Holdings, Ltd. experienced a cyberattack that caused a system failure in Japan-based operations, completely suspending ordering and shipping and leaving the call center and customer service desk unavailable to the public.
Show sources
- Japan's largest brewer suspends operations due to cyberattack — www.bleepingcomputer.com — 29.09.2025 23:44
- Cyberattack on Beer Giant Asahi Disrupts Production — www.securityweek.com — 30.09.2025 12:45
- Asahi Confirms 1.5 Million Customers Affected in Major Cyber-Attack — www.infosecurity-magazine.com — 27.11.2025 16:30
- Japanese beer giant Asahi says data breach hit 1.5 million people — www.bleepingcomputer.com — 29.11.2025 17:17
-
29.09.2025 23:44 2 articles · 7mo ago
Asahi publicly discloses cyberattack affecting Japan
Initial DisclosureAsahi Group Holdings, Ltd. publicly disclosed on 2025-09-29 that a cyberattack was affecting Japan-based operations, said there had been no confirmed leakage of personal information or customer data to external parties, and said it was investigating the disruption while working to restore impacted operations without giving a recovery timeline.
Show sources
- Japan's largest brewer suspends operations due to cyberattack — www.bleepingcomputer.com — 29.09.2025 23:44
- Japanese beer giant Asahi confirms ransomware attack — www.bleepingcomputer.com — 03.10.2025 17:51