Asahi cyberattack leaves data of 1.5M customers exposed
What's the story
Japanese beverage giant Asahi has confirmed a major data breach, which began in September, has potentially affected over 1.5 million customers. The company revealed the incident in a statement, detailing how a ransomware attack had crippled its operations across factories in Japan. The attack was so severe that employees were forced to take orders manually with pen and paper. The company has said it would postpone its full-year results to concentrate on managing the aftermath of the attack.
Data breach details
Personal information of customers likely exposed
Asahi's investigation into the attack revealed that personal information of customers who had contacted its customer service centers may have been exposed. The company has promised to notify those affected by the breach as soon as possible. The data exposed includes names, gender, addresses, and contact information of some 1.52 million customers.
Additional exposure
Employee, external contact information also compromised
Along with customer data, the breach also exposed details of some 107,000 current and former employees as well as 168,000 family members of staff. The names and contact details of some 114,000 external contacts who had communicated with Asahi were also compromised in the attack. However, it's worth noting that credit card information wasn't part of the leaked data.
Recovery efforts
Attack impact limited to Japan
Asahi has confirmed that the attack's impact is limited to systems managed in Japan. The company's European brands such as Peroni and Fuller's Brewery in the UK were not affected by this cyber-attack. After nearly two months of containment efforts, Asahi is now working on restoring its systems and reconfiguring its network. The outage had caused drink shortages across Japan, where Asahi holds a 40% share of the beer market.
Apology and assurance
Asahi's CEO apologizes for disruption caused by attack
Atsushi Katsuki, Asahi's president and CEO, has apologized for the disruption caused by the cyber-attack. He said, "We are making every effort to achieve full system restoration as quickly as possible." He also assured that steps are being taken to prevent such incidents from happening in the future while strengthening information security across the group.
Hacker group involvement
Qilin hacker group claims responsibility
The Qilin hacker group, which is believed to be based in Russia, has claimed responsibility for the attack on Asahi. However, Japanese media reports indicate that the group's statement was interpreted as a claim of responsibility rather than an outright confession of guilt. Asahi added that it is not engaging in any negotiations with the hackers responsible for the "sophisticated and cunning" ransomware attack.
Cyberattack trend
Recent cyberattacks on global brands
The attack on Asahi isn't an isolated incident. Indian-owned Jaguar Land Rover (JLR) had to seek emergency funding after a cyberattack disrupted operations at its UK factories. Japanese retailer Muji also suspended its domestic online shopping service after a ransomware attack on delivery partner Askul in October. These incidents highlight the rising threat of cyberattacks against major corporations worldwide.