Asahi Breach Exposes Brewing Industry OT Security Risks

The recent cyberattack on Asahi Group, Japan’s largest beer producer, underscores growing vulnerabilities across the global manufacturing and food-and-beverage sectors.

With production halted at multiple sites among its 30 factories and nationwide distribution networks disrupted, the attack demonstrates how cyber threats now impact not only corporate data but also the essential operations that sustain multinational enterprises.

Asahi – the owner of leading international brands such as Peroni, Pilsner Urquell and Grolsch – is the latest in a line of prominent companies to fall victim to cyber incidents.

Other recent targets include JLR, M&S, Co-op, Harrods and Kering, parent company of Gucci, Balenciaga and Alexander McQueen.

While the beverage giant has confirmed that customer data remains unaffected, the widespread disruption across its domestic supply chains has already proven severe.

The incident raises pressing questions for global business continuity, particularly within one of the world’s most consolidated and influential brewing networks.

Asahi’s cyber attack

“Asahi Group Holdings, Ltd. is currently experiencing a system failure caused by a cyberattack, affecting operations in Japan,” Asahi says in a statement. 

“At this time, there has been no confirmed leakage of personal information or customer data to external parties. However, due to the system failure, the following operations have been suspended:

• Order and shipment operations at group companies in Japan
• Call centre operations, including customer service desks

“We are actively investigating the cause and working to restore operations; however, there is currently no estimated timeline for recovery.”

The company has confirmed that only its operations in Japan have been affected by the attack.

Why is manufacturing a prime target for cybercrime?

The beverage and consumer goods sector is becoming ever more digitised, with intricate supply chains built on tightly integrated IT and operational technology (OT) systems.

For breweries such as Asahi’s, production now hinges on automated bottling lines, advanced logistics platforms and connected systems designed to keep pace with global demand.

While digitalisation has undoubtedly enhanced operational efficiency, it has also widened the attack surface for cybercriminals.

Incidents across multiple industries this year underline the growing scale of this threat.

According to the IBM X-Force 2025 Threat Intelligence Index, manufacturing was the most heavily targeted sector for industrial cyberattacks in 2024 – a trend that has persisted into 2025.

In the Asia-Pacific region alone, the sector accounted for 40% of reported incidents, with finance and insurance following at 16% and transportation at 11%.

Ransomware groups are exploiting third-party vulnerabilities, outdated OT infrastructure and security blind spots at the intersection of IT and production environments to maximise disruption and financial gain.

For companies like Asahi, even a few days of downtime results in lost production, logistics bottlenecks and widespread breaches of supply agreements – causing disruption that can be as devastating as data theft itself.

George Foley, Sales Development Manager at cybersecurity firm ESET Ireland, says: “Once again, cyberattacks are proving they can bring entire industries to a standstill, even without confirmed data theft. 

“The fact that attackers managed to halt production on this scale suggests they had deep access. It’s a reminder that operational continuity is just as critical as data protection and that the supply chain itself needs to be continuously monitored and hardened.”

Is the Asahi incident sounding an industry-wide wake-up call?

Alongside breaches at M&S, JLR and Harrods, Asahi’s cyberattack comes amid a wave of high-profile operational disruptions in the food, beverage and manufacturing sectors, including incidents at JBS and Mondelez.

Within the brewing industry, cyber insurance requirements and regulatory scrutiny are both ramping up.

Governments are anticipated to enforce stricter security audits on critical sectors, with increased emphasis on zero-trust architectures, comprehensive supply chain risk management and accelerated incident response capabilities.

Security experts maintain that proactive investment in cyber hygiene – including continuous vulnerability monitoring, comprehensive employee training and robust network segmentation – can mean the difference between a contained incident and widespread operational shutdown.

For Asahi, successful recovery hinges not only on repairing systems but also on rebuilding customer trust while addressing the vulnerabilities revealed by the breach.

Although the full financial ramifications remain uncertain, it is evident that cyberattacks today inflict operational turmoil alongside digital compromise.