Asahi says 1.5 million customers’ data at risk following cyber-attack
Japanese brewing giant Asahi has revealed that the personal information of 1,525,000 customers has or may have been exposed by a cyber-attack on its system in September.
Asahi announced on 29 September that it had been impacted by a cyber hack. At the time, it said there had been “no confirmed leakage of personal information or customer data to external parties”.
However, Asahi revealed on Thursday that it now understands the cyber-attack to have potentially leaked the personal information of more than 1.5 million customers, as well as employees and employee family members.
Asahi published an update to its investigations into the attack, explaining that the attacker gained unauthorised access to its data centre network through network equipment located at Asahi’s site. Ransomware was deployed simultaneously, encrypting data on multiple active servers and some PC devices connected to the network.
The brewer has been working in collaboration with external cybersecurity experts to understand the extent of the leak, and found that some data from company-issued PCs provided to employees had been exposed.
Asahi said: “There is a possibility that personal information stored on servers in the data centre may have been exposed.”
However, the brewer has not confirmed any instance of this data being published on the internet. The impact of the attack is limited to systems managed in Japan.
Partner Content
The personal information of employees (including retirees), family members of employees (including retirees), external contacts to whom Asahi has sent congratulatory or condolence telegrams and those who contacted the Customer Service Centers of Asahi Breweries, Asahi Soft Drinks, and Asahi Group Foods has or may have been exposed, the company said on 27 November.
Asahi published the following table to present its understanding of the extent of the impact:
| Affected parties: | Description: | Count |
| Those who contacted the Customer Service Centers of Asahi Breweries, Asahi Soft Drinks, and Asahi Group Foods | Name, gender, address, phone number, email address | 1,525,000 |
| External contacts to whom we have sent congratulatory or condolence telegrams | Name, address, phone number | 114,000 |
| Employees (including retirees) | Name, date of birth, gender, address, phone number, email address, other | 107,000 |
| Family members of employees (including retirees) | Name, date of birth, gender | 168,000 |
The brewer said: “Based on the findings, those whose information has been confirmed as exposed, as well as those who may be at risk, will be notified in due course.”
Atsushi Katsuki, Asahi president and CEO, said of the damage: “I would like to sincerely apologise for any difficulties caused to our stakeholders by the recent system disruption.
“We are making every effort to achieve full system restoration as quickly as possible, while implementing measures to prevent recurrence and strengthening information security across the group.
“Regarding product supply, shipments are resuming in stages as system recovery progresses. We apologise for the continued inconvenience and appreciate your understanding.”
Related news
Carlsberg Hong Kong expands no and low alcohol portfolio
