When did a simple beer order become impossible in Japan? The answer came in September 2025 when Asahi Group Holdings fell victim to a cyberattack that turned ordering a cold beverage into a national crisis.
The Qilin ransomware group, a Russia-based cybercriminal organization active since late 2022, claimed responsibility for the devastating attack. This group operates like a twisted franchise, using a ransomware-as-a-service model that allows criminal affiliates to launch attacks worldwide. In 2025 alone, Qilin became the most active ransomware group with 105 confirmed attacks and 473 additional unverified claims.
Asahi’s nightmare began when the cyberattack forced the company to suspend domestic operations entirely. Six Japanese beer plants shut down production, creating immediate supply chain chaos. Orders stopped flowing, shipments halted, and customer service disappeared. Imagine trying to stock your convenience store or restaurant only to find that Japan’s beer supply had suddenly vanished.
The criminals didn’t stop at disruption. Qilin claimed to have stolen 27 gigabytes of sensitive data, including financial documents, employee personal information, and secret company development plans. This stolen treasure trove appeared on Qilin’s data leak site like a digital ransom note. However, Asahi has not confirmed whether the data theft claims are accurate.
Recovery efforts began quickly, with all six beer plants eventually restarting production. Yet the damage spread far beyond factory floors. Beer shortages hit stores across Japan while earnings for Asahi and related businesses froze during the chaos. The incident sparked nationwide anxiety about cybersecurity vulnerabilities in critical industries. The financial stability concerns extended beyond just the company itself, affecting entire supply chains and related businesses throughout Japan’s interconnected economy.
Qilin’s appetite for Japanese companies proved insatiable in 2025. The group targeted 14 manufacturers, including medical equipment producers and other major corporations like Shinko Plastics and Nissan Creative Box. Each attack sent ripples through Japan’s interconnected business networks. The group primarily focuses on manufacturing and medical sectors, making these industries especially vulnerable to future attacks.
The beer shortage became a symbol of how cyberattacks can disrupt everyday life. What started as ones and zeros on computer screens transformed into empty shelves and worried consumers. Asahi continues investigating the breach while working to restore full operations, but the incident serves as a sobering reminder that even Japan’s beloved beer isn’t safe from digital pirates. Fortunately for thirsty customers, Asahi Super Dry shipments restarted partially as beer production resumed at all domestic facilities.
