Breaking: Big beer brewer belatedly believes bitten by ransomware—and likely a data  breach.

金のうんこ！

What’s the craic? Oliver Smith reports: Japanese brewing giant Asahi hit by cyber-attack

“Challenging”
Asahi said there had been no “confirmed leakage of personal information of customer data.” … Asahi is the biggest brewer in Japan, but also owns global beer brands including Peroni, Pilsner Urquell and Grolsch.
…
In recent years, Japan has faced a challenging domestic market, with more young people choosing not to drink. Speaking last year, the company’s chief executive Atsushi Katsuki said it was aiming to double its share of of beverages with zero or low alcohol to 20% of its overall beverage sales.

Cue the traditional Japanese apology-fest. Bill Toulas hints at what’s to come: Japan’s largest brewer suspends operations due to cyberattack

“Apologized”
The incident has affected its ordering and shipping activity, which have been completely suspended. Call center operations and customer service desk are currently unavailable to the public due to the cyberattack. … No ransomware gangs have claimed the attack publicly.
…
Asahi Group Holdings, Ltd. [has] roughly one-third of the domestic market share. It employs 30,000 people, produces [2.6 billion gallons] of beverages, and in 2024 the company reported an annual revenue of nearly $20 billion USD. … The company apologized to customers and business partners for the inconvenience.

What’s the latest? Harry Dempsey and Leo Lewis bring us up to speed: Vast majority of factories of nation’s most popular beer have stopped work this week

“Panic”
Japan is just a few days away from running out of Asahi Super Dry as the producer of the nation’s most popular beer wrestles with a devastating cyber attack that has shut down its domestic breweries. … Retailers are expecting empty shelves as the outage stretches [on] with no clear timeline for factories recommencing operations. Super Dry could also run out at izakaya pubs, which rely on draught and bottles.
…
According to cyber security experts at the Tokyo-based … NCD, Japanese companies are increasingly seen as attractive targets for ransomware attackers because of their poor defences and the fact that many companies simply paid the demanded sum through back channels. … In a measure of growing public and private sector panic over cyber vulnerabilities, Japan passed a law in May that granted the government greater rights to proactively combat cyber criminals and state sponsored hackers.

Horse’s mouth? Today, Atsushi Katsuki, president and CEO of Asahi Group confirms it was ransomware and that they’ve uncovered “a potential unauthorized transfer of data”:

I would like to sincerely apologize for any difficulties caused … by the recent system disruption. We are continuing our investigation to determine the nature and scope of the potential unauthorized data transfer. We are making every effort to restore the system as quickly as possible, while implementing alternative measures to ensure continued product supply to our customers.

Good job seppuku is no longer a Thing. But gweihir has no truck with Katsuki-san’s fine words:

Another one bites the dust. You have to be really incompetent and disconnected to not be prepared for a ransomware attack these days. Zero ****s given, they essentially did it to themselves. (And no, it is not “victim blaming” when the threat was well-known for quite a while.)

But is that entirely fair? It’s tiresome and simplistic, thinks anon_lawyer:

The simple fact is that securing systems is hard—so hard that it is in fact an unsolved problem. It’s incredibly tiresome to see [such] comments in these threads. There’s no magic solution! A lot of people, companies, governments etc. need to to a lot of things to solve this problem.

Wait. Pause. Did you say Asahi? KWD was momentarily confused, too:

My first thought was … Asahi Linux. *facepalm*

And are American Asahi addicts affected? u/Dr_thri11 has good news:

The version sold in the US is made in Italy. So, probably safe.

Meanwhile, David 132 pours out the punnage potential: [You’re fired—Ed.]

So it gose.
No point getting bitter.
Their firewall clearly wasn’t stout enough.

And Finally:

Rest in peace, Dame Jane

Previously in And Finally

You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to  @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.

Image sauce: Sean Davis (cc:by-nd; leveled and cropped)