Article Details

Japanese beer giant Asahi says data breach hit 1.5 million people. Asahi Group Holdings, Japan’s largest beer producer, has finished the investigation into the September cyberattack and found that the incident has impacted up to 1.9 million individuals. The type of data compromised in the attack includes full names, genders, physical addresses, phone numbers, and email addresses, and could be used in phishing attempts. The incident was first disclosed on September 29, when the company was forced to suspend production and shipping operations due to a cyberattack. At the time, Asahi stated that it saw no evidence of customer data having been accessed by unauthorized actors. A few days later, though, the company confirmed that it suffered a ransomware attack and that data had been stolen. The disclosure was followed by Qilin ransomware claiming the intrusion and alleging to have 27GB of data from Asahi. The hackers published samples of exfiltrated files on their data leak site to prove their claims. A press release from the company Asahi states that the following categories of individuals have been impacted: Asahi notes that the types of data exposed vary per category. For customers, it may include name, gender, physical and email address, and phone number; but for employees, it may also include dates of birth and gender. The company underlines that no payment card information was exposed in the incident. A dedicated contact line has been established for affected parties to receive answers about the exposed personal data. According to Asahi’s CEO, Atsushi Katsuki, the company is still in the process of restoring impacted systems, two full months after the initial compromise. “We are making every effort to achieve full system restoration as quickly as possible, while implementing measures to prevent recurrence and strengthening information security across the Group,” stated Katsuki “Regarding product supply, shipments are resuming in stages as system recovery progresses.” The preventative measures to be implemented include redesigned communication routes, tightened network controls, restrictions on external internet connections, upgrades of threat-detection systems, security audits, and redesigned backup and business-continuity plans. The 2026 CISO Budget Benchmark It's budget season! Over 300 CISOs and security leaders have shared how they're planning, spending, and prioritizing for the year ahead. This report compiles their insights, allowing readers to benchmark strategies, identify emerging trends, and compare their priorities as they head into 2026. Learn how top leaders are turning investment into measurable impact.