Asahi delays results as ransomware attack disrupts operations
Japanese brewer Asahi is facing continued disruption from a ransomware attack that began in September and remains unresolved. The company announced it will delay its financial results for the fiscal year ending December 31, 2025, citing the impact of the attack.
Asahi revealed ongoing system outages across Japan and other parts of East Asia. The incident has prevented the company from finalising revenue and profit figures. The disruption has forced a delay to its scheduled earnings announcement for the nine-month period.
Heavy Operational Impact
The ransomware attack has caused significant operational problems. System failures affected multiple business functions. The incident showed how interconnected modern manufacturing environments can experience cascading disruptions from a single breach.
Asahi disclosed that personal information for up to 1.9 million individuals may have been exposed in the attack. The company said it found no evidence of compromised credit card information. However, the scale of the data exposure has raised concerns about increasing privacy and compliance risks facing large organisations.
Ongoing Cyber Risks
The announcement highlights the growing vulnerability of established manufacturing companies to cyberattacks. The sector faces challenges as older operational technology systems interact with new digital infrastructure. Maintaining visibility into the reach and effects of a cyber incident remains difficult for organisations that run a mix of legacy and modern systems.
Recent years have seen global increases in ransomware attacks and cyber incidents that extract sensitive data. Many of these incidents begin with the theft or misuse of credentials or privileged accounts. Attackers now increasingly focus on targeting authentication data, such as passwords and administrative credentials, rather than attacking external network perimeters.
Takanori Nishiyama, SVP APAC & Japan Country Manager at Keeper Security, commented on the significance of the incident for Japan’s industry. He said:
“The ransomware attack on Asahi Group highlights the critical reality for Japan’s manufacturing sector that cyber incidents now have direct and measurable business impacts, from operational disruption to delays in financial reporting. During its November press conference, Asahi confirmed that system outages across Japan and East Asia hindered its ability to finalize revenue and profit figures, forcing a delay in the company’s nine-month earnings announcement.”
The Asahi attack follows a broader trend of manufacturing and industrial companies in the Asia-Pacific region experiencing increased levels of cybercrime. The integration of cloud services and supplier connectivity has added new risks for businesses managing complex supply chains.
Prevention Challenges
Nishiyama said system failures during the Asahi attack demonstrated how quickly a cyber breach can spread across business units. He said manufacturers with legacy operational technology and digitised systems struggle to gain full visibility into the scope of such disruptions.
He also pointed to heightened privacy and compliance risks. “The scale of the potential data leak underscores the escalating privacy and compliance risks facing major enterprises that manage large volumes of sensitive information,” said Nishiyama.
Credential-focused attacks often exploit weaknesses in authentication and privileged access management. Nishiyama stated that a zero-trust model, modern privileged access management, and strong identity controls are essential steps to reduce exposure to such attacks. He noted that policy changes in Japan require organisations to enhance their reporting and preparedness against cyber incidents.
Japan is moving forward with active cyber-defence legislation. New rules will expand expectations around incident reporting. Companies that invest in identity and access controls could find themselves in a better position to meet emerging regulatory requirements and maintain operational continuity.
