Japan’s beverage industry has been thrown into chaos after a devastating ransomware attack crippled Asahi Group Holdings, the nation’s biggest brewer and a major supplier of soft drinks and food products. The cyberattack, which began on September 29, 2025, has left convenience store shelves empty, forced restaurant chains to scramble for alternatives, and exposed the fragile underbelly of modern supply chains.
According to The Sankei Shimbun, Asahi Group Holdings confirmed on October 3 that its servers had been infected with ransomware, leading to a widespread system outage that halted order processing and shipments. The company isolated affected systems to protect customer and partner data—a move that, while necessary, caused significant disruptions to domestic operations. "As a precaution, we have isolated the affected systems to protect customer and partner data," the company said in a statement. "While this has caused disruptions to our domestic operations, we are prioritizing product supply and have begun limited manual order processing and shipments."
From the moment the attack was discovered, Asahi launched an emergency task force and brought in external cybersecurity experts to help restore its systems. Email communication with outside parties was suspended as a security measure. Despite these efforts, the attack crippled Asahi’s order and distribution networks, resulting in production halts at several factories and a suspension of shipments for key products—including the iconic Asahi Super Dry beer and a range of bottled beverages.
The impact was immediate and far-reaching. Major retailers such as FamilyMart, Seven-Eleven Japan, Lawson, and supermarket chain Life Cooperation all reported shipment suspensions and warned customers to expect shortages or out-of-stock situations. FamilyMart, for instance, said its Famimaru range of bottled teas—co-developed and produced with Asahi—would be in short supply or unavailable. "We sincerely apologise to our customers for any inconvenience caused," FamilyMart stated, emphasizing its collaboration with Asahi to restore product availability. Seven-Eleven halted shipments of Asahi products, including Super Dry, and advised its stores to brace for shortages. Lawson announced it was preparing substitute items to minimize the impact on customers, while Life Cooperation also cautioned that Asahi products might soon disappear from shelves.
But the crisis didn’t stop at retail. Restaurant chains, including Marugen Ramen and Kisoji, were forced to adapt quickly. Marugen Ramen, which operates about 230 outlets nationwide, stopped receiving shipments of Asahi draft and bottled beer and planned to turn to other suppliers once its stock ran out. Kisoji, famous for its shabu-shabu and traditional Japanese cuisine, switched from draft to bottled beer and began sourcing from other brewers to keep its service running. The disruption rippled through Japan’s retail and food service sectors, highlighting just how interconnected—and vulnerable—these supply chains can be.
TechRadar and BBC both underscored Asahi’s dominant market position. The company controls about one-third of Japan’s domestic beer market and boasts a global portfolio including Peroni, Pilsner Urquell, Grolsch, and Fuller’s. While the cyberattack’s effects have been confined to Japan, the stakes are high: the domestic market accounts for roughly half of Asahi’s global profits. Every day offline, therefore, cuts deep into the company’s bottom line.
The attack itself was both sophisticated and crippling. As reported by American Craft Beer, the digital systems that underpin Asahi’s business—from ordering and shipping to customer service—were knocked out, even though the brewing equipment itself remained unharmed. The result? Production at all 30 of Asahi’s breweries across Japan ground to a halt, forcing an indefinite shutdown. Launches of new products, including seasonal beers and soft drinks, were put on ice. Retailers quickly warned that Asahi Super Dry, a staple at izakayas and convenience stores nationwide, could vanish from shelves within days if the outage continued.
Despite the severity of the attack, Asahi has insisted that there is no evidence so far of customer or employee data being compromised. However, the company acknowledged that the scope and content of any possible data leak are still under investigation. The type of ransomware, the identity of the perpetrators, and the timeline for full recovery all remain unknown.
In the midst of the turmoil, Asahi’s leadership has been vocal in their apologies and determination to restore normalcy. President and Group CEO Atsushi Katsuki addressed the public on October 3, stating, "We deeply regret the inconvenience caused to our customers and partners. We are doing everything possible to restore our systems quickly while maintaining product supply through alternative measures." He reiterated the company’s commitment to transparency and reassured stakeholders that the effects of the cyberattack were confined to domestic operations.
Asahi’s response has included some creative workarounds. By October 3, the company had started partial manual processing of orders and shipments, prioritizing product supply to customers. External email communications remained suspended, but Asahi announced plans to reopen call center operations during the week of October 6. In a hopeful development, Asahi confirmed on October 6 that it had resumed operations at all six of its domestic beer plants—located in Sapporo, Motomiya (Fukushima), Moriya (Ibaraki), Nagoya, Suita (Osaka), and Hakata (Fukuoka). Production and shipments of Asahi Super Dry restarted on a limited basis, with orders being processed manually by phone. Still, the company has not provided a clear timeline for a full recovery of its digital infrastructure.
The financial toll of the cyberattack is still being assessed, but experts agree the impact could be enormous. Modern manufacturing, as this incident illustrates, is only as strong as its digital backbone. "Attacks like this expose just how vulnerable modern manufacturing is: one breach in digital infrastructure, and an entire supply chain grinds to a halt," TechRadar observed. The Asahi case is a stark reminder that even industry giants are not immune to the growing threat of cybercrime.
For now, Japanese consumers and businesses alike are adjusting to a new, temporary reality—one where grabbing a cold Asahi Super Dry from the corner store is no longer a given. Asahi’s emergency task force, aided by outside cybersecurity teams, continues to work around the clock, but the road to recovery remains long and uncertain. The company’s experience is likely to fuel wider conversations about cybersecurity, supply chain resilience, and the hidden risks lurking in the digital foundations of everyday life.
As the situation unfolds, Asahi’s handling of the crisis—balancing transparency, apology, and the race to restore supply—will be closely watched not just by its customers, but by the entire business community. In the meantime, the sight of empty shelves and the search for substitute products serve as a sobering reminder of just how quickly the ordinary can be upended by an unseen digital threat.
