Japan’s Asahi has partially restarted production at six of its breweries after a cyberattack forced the company to halt operations and disrupted supplies of its flagship beer, Asahi Super Dry.
The attack, which the company confirmed last week was caused by ransomware, crippled Asahi Group’s domestic ordering and delivery systems, leading retailers such as 7-Eleven and FamilyMart to warn of declining beer stocks.
Asahi, Japan’s largest brewer, also produces soft drinks and food products, as well as supplying own-brand goods to retailers.
The company said two of its soft-drink factories have reopened but are not yet at full capacity, while five others will resume “gradually in accordance with shipments.” All seven of its food plants have also restarted but remain below full capacity.
The cyberattack affected only Asahi’s operations in Japan, which account for about half of its global sales. The group also owns the UK’s Fuller’s and international brands including Peroni, Pilsner Urquell and Grolsch.
Asahi stressed that production systems at its factories were not directly compromised but that it had been forced to suspend brewing and distribution because it could not process orders and shipments.
On Friday, it said it was “unable to provide a clear timeline for recovery” but was working with external cybersecurity experts to restore systems as quickly as possible.
The company disclosed that hackers had exfiltrated data from its servers and that it was investigating the nature and scope of the theft. It added that containment measures had limited the impact but disrupted order placement, product shipments and external email communications.
“Asahi took immediate action to safeguard critical data, including personal information, and promptly isolated affected systems to minimise the impact,” the company said.