Asahi has revealed further details about the recent hacker attack that affected the company. It explains what type of data cybercrooks may have accessed and how they infiltrated the company’s systems in the first place.
The recent ransomware attack against Asahi exposed nearly two million people, Asahi revealed in a recent update. Qilin ransomware cartel breached the company in late September, severely disrupting production and shipments of Asahi products in Japan.
The company’s CEO, in his first public statement after the attack, apologized and attempted to reassure customers that the company is working to fully recover from the attack and implement measures to prevent similar data breaches in the future.
“Regarding product supply, shipments are resuming in stages as system recovery progresses. We apologize for the continued inconvenience and appreciate your understanding,” Atsushi Katsuki, Asahi President and Group CEO, said in a statement.
Asahi data breach: What data was exposed?
The majority of exposed individuals, over 1.5 million, are individuals who contacted Asahi via its customer service centers. Another 275,000 exposed individuals either work for Asahi or are their family members.
The last group of exposed individuals comprises another 114,000 people, to whom the company sent congratulatory or condolence telegrams. Different groups of people had different data exposed, but in general, attackers got their hands on:
- Names
- Dates of birth
- Email addresses
- Gender
- Addresses
- Phone numbers
Cybercrooks could utilize exposed details for identity theft, social engineering, and targeted phishing. For example, malicious actors could use stolen details to create sophisticated scam emails, attempt to open accounts, reset passwords, and otherwise compromise individuals' online security.
According to the company, no payment card details were exposed, and the data breach is geographically limited to Japan. However, Asahi added there’s a chance that some data from company-issued devices provided to employees had been exposed.
Interestingly, Asahi revealed that attackers had penetrated its systems via network equipment located at the Asahi Group’s site. Once inside, cybercrooks simultaneously deployed ransomware on multiple Asahi servers and devices connected to the network.
The Russia-linked Qilin ransomware cartel claimed the attack against Asahi in early October. The gang posted numerous screenshots of stolen data, stating that cybercriminals had obtained 27GB of data.
Asahi was founded in 1889 and currently employs over 28,000 staff members. The Tokyo-based suds producer is the parent company of Italy’s Peroni, the Netherlands’ Grolsch breweries, the Czech Republic’s Pilsner Urquell, and Australia’s Foster’s beer and 19 Crimes wine.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked