Hacker Group Claims Asahi Group Ransomware Attack

A hacker group has claimed responsibility for last week’s cyberattack on Japanese beverage giant Asahi Group Holdings Ltd., saying it has stolen employee information and internal documents, a cybersecurity source said, Kyodo News reported.

Qilin, a ransomware group believed to be based in Russia, claimed in a post on the dark web that it had stolen around 9,300 files — or about 27 gigabytes of data — according to the source.

Asahi Group said it is conducting an investigation and declined to provide details, including whether it is in contact with the hackers.

Yukimi Sota, of the Japanese subsidiary of U.S. cybersecurity firm Proofpoint, said hacker groups often take a two-pronged approach to force their targets to pay a ransom.

“The hackers were probably unable to extort ransom money through direct negotiations with Asahi, so they are trying to apply further pressure by releasing the documents,” Sota said.

The beverage maker reported the ransomware cyberattack on Sept. 29, which caused system failures that forced the company to halt production at many of its domestic factories and postpone the release of some products.

The attack used ransomware — a type of malicious software that encrypts data and renders it inaccessible until a ransom is paid. Qilin has carried out ransomware attacks worldwide since 2022, according to several cybersecurity sources.