Japan's largest brewer, Asahi Group Holdings, has confirmed a ransomware attack by the Qilin group, resulting in production shutdowns and the theft of 27GB of corporate data.
Oracle has issued an emergency patch for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite. The Clop ransomware group has been exploiting the flaw to steal executive data and launch widespread extortion campaigns affecting thousands of organisations globally.
The NSW Reconstruction Authority has confirmed a major data breach affecting 3,000 flood victims after a contractor uploaded sensitive personal and health information to ChatGPT. The breach, undisclosed for more than six months, raises serious concerns about security and transparency.
Japan's largest brewer, Asahi Group Holdings, has confirmed a ransomware attack by the Qilin group, resulting in production shutdowns and the theft of 27GB of corporate data.
Cyber News Centre's cyber update for 9th October 2025: Asahi Group Holdings, has been hit by a major ransomware attack, with the Qilin group claiming responsibility. The incident, first disclosed on 29 September, forced the company to suspend operations at all six of its Japanese beer plants and led to the confirmed theft of sensitive corporate data.
Asahi Group Holdings is a global beverage and food company headquartered in Tokyo. It is the largest of Japan’s four major brewers and owns a portfolio of internationally recognised brands, including Asahi Super Dry, Peroni Nastro Azzurro, Pilsner Urquell, and Grolsch.
The Update: The Qilin ransomware group has claimed responsibility for the cyberattack on Asahi Group Holdings, stating it exfiltrated 27GB of data, including employee details, financial records, and contracts. The attack forced Asahi to halt production, order processing, and shipping for several days, causing widespread supply disruptions across Japan.
While production at its six domestic breweries resumed on 2 October, the company continues to manage manual order processing and investigate the full scope of the data breach. In an official statement, Asahi apologised for the disruption and confirmed it was working with external cybersecurity experts to restore its systems.
“I would like to sincerely apologize for any difficulties caused to our stakeholders by the recent system disruption. We are continuing our investigation to determine the nature and scope of the potential unauthorized data transfer. We are making every effort to restore the system as quickly as possible, while implementing alternative measures to ensure continued product supply to our customers. We appreciate your understanding and support.” - Atsushi Katsuki, President and Group CEO
The Qilin group, which operates under a sophisticated Ransomware-as-a-Service model, has been identified as the most active ransomware threat in the third quarter of 2025, responsible for 227 attacks. The group has a record of targeting major organisations and critical infrastructure globally.
Why it Matters: This attack on a major consumer goods manufacturer demonstrates the real-world consequences of cybercrime, extending beyond data loss to physical supply chain disruption that directly affects consumers. The incident highlights the vulnerabilities of critical manufacturing systems, even in technologically advanced nations like Japan.
This breach serves as a warning about the interconnected nature of global supply chains and the potential for cascading operational impacts. The involvement of Qilin, one of the most aggressive ransomware groups operating today, underscores the growing sophistication and reach of organised cybercriminal networks that target high-value corporate environments for maximum disruption.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Oracle has issued an emergency patch for a critical zero-day vulnerability (CVE-2025-61882) in its E-Business Suite. The Clop ransomware group has been exploiting the flaw to steal executive data and launch widespread extortion campaigns affecting thousands of organisations globally.
The NSW Reconstruction Authority has confirmed a major data breach affecting 3,000 flood victims after a contractor uploaded sensitive personal and health information to ChatGPT. The breach, undisclosed for more than six months, raises serious concerns about security and transparency.
Security researchers have unmasked Phantom Taurus, a sophisticated Chinese state-sponsored hacking group. For over two years, the group has conducted covert espionage against government and telecommunications organisations worldwide using a custom, fileless malware suite called NET-STAR.
A ransomware attack on a Toowoomba pharmacy has resulted in the leak of sensitive patient data, including medical records and NDIS information. The DragonForce ransomware group has claimed responsibility, highlighting the growing threat to Australian healthcare providers.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
