On March 31, 2025, Tokiwa Industry, a supermarket chain operating in Oita Prefecture, announced that all 23 of its stores would be temporarily closed due to a severe cyber attack. This incident, which was confirmed during an investigation into a system failure that occurred on March 30, involved multiple servers within the Tokiwa Group being compromised by ransomware.
The attack led to significant disruptions, rendering the company's product ordering and payment systems inoperable. According to Tokiwa Industry, the issues first became apparent around 1:00 PM on March 30 when the product ordering system failed to function. Upon further investigation, it was revealed that the core servers had been encrypted by ransomware, preventing any operational activities.
As a precautionary measure, Tokiwa Industry decided to close all its stores on March 31 to prevent any further damage and to facilitate recovery efforts. The company stated, "We apologize for the inconvenience and will do our best to restore the system." Currently, there is no confirmation of personal information leakage, as customer and employee data are stored on separate servers unaffected by the attack.
While all Tokiwa Industry stores are closed, some tenants within the shopping center Akeno Across Town Nibangai continue to operate normally. Notably, the Tokiwa Beppu Store and Wasada Town are open, excluding certain departments such as the Food Kitchen and Supermarket.
The company has taken swift action by establishing a crisis management team and is collaborating with external security experts and law enforcement to assess the situation and initiate recovery processes. Although the timeline for restoring services remains uncertain, Tokiwa Industry is committed to keeping customers informed through updates on their homepage.
This cyber attack highlights the growing vulnerabilities faced by retail businesses in today's digital landscape. Similar incidents have been reported in the past, such as the ransomware attack on Izumi Co., which operates the "Yume Town" supermarkets. In that case, the attack disrupted credit card payments and other operations for several days.
Industry experts emphasize the importance of robust IT infrastructure and cybersecurity measures to ensure business continuity and protect customer data. As the retail sector increasingly relies on technology for operations, the need for comprehensive cybersecurity strategies becomes paramount.
Tokiwa Industry's experience serves as a cautionary tale for other businesses in the retail and distribution sectors. As they work to recover from this incident, it underscores the necessity of viewing cybersecurity not merely as an IT issue but as a critical component of overall business strategy.
As Tokiwa Industry continues its recovery efforts, customers and business partners are urged to remain patient. The company has expressed its deep regret for the disruption caused by this attack, emphasizing their commitment to restoring normal operations as quickly as possible.
In the wake of this attack, Tokiwa Industry is likely to reassess its cybersecurity measures and implement stronger defenses to prevent similar incidents in the future. The retail industry must take heed of these developments, as the implications of cyber threats extend beyond immediate operational disruptions, affecting customer trust and brand integrity.
As the situation develops, Tokiwa Industry will provide updates on their recovery progress and any changes to store operations. The incident serves as a reminder that in an increasingly interconnected world, the security of digital systems is crucial for the sustainability of businesses.
