Japanese beer giant Asahi said on Thursday that a massive cyberattack in September potentially leaked the personal information of more than 1.5 million customers.
Beverage company published a statement on its investigation into a ransomware attack that crippled its operations at factories in Japan and forced employees to follow orders using pen and paper.
Asahi said it discovered that the personal details of people who contacted its customer service centers were likely compromised and that those affected would be notified as soon as possible.
The company added that it will delay publication of full year financial results focus on eliminating the consequences of the attack.
Asahi did not reveal the attacker's identity or demands. Ransomware group Qilin, which has previously hacked other major firms, claimed responsibility for the Asahi attack.
The beer maker said in its preliminary findings that it had found failure in one of the data centers on September 29..
It said that while the system was quickly isolated, investigators discovered that the attacker had already penetrated the network, encrypted its data and injected ransomware, a virus that blocks access to files until a ransom is paid.
Some data on the affected computers, as well as personal information stored on the hacked servers, were also potentially exposed, Asahi said.
The only confirmed data breaches involved 18 pieces of employees' personal information stored on company-issued laptops, Asahi told the BBC.
All other personal information is considered at risk of possible leakage, the department added.
It includes personal data of more than 1.52 million customers, such as their names, gender, addresses and contact information.
Data belonging to approximately 107,000 current and former employees and 168,000 family members of employees was also potentially leaked.
The names and contact details of 114,000 external contacts who communicated with the firm were also linked.
Credit card information was not included in Asahi's leaked data list.
The company added that it had not confirmed any evidence of the release of the data and that the impact of the attack was limited to systems managed in Japan.
The firm also owns major brands in Europe, such as Peroni and Fuller's Brewery in the UK. Asahi said the cyberattack had no impact on the firms' operations.
The company said it spent nearly two months containing the attack and is now working to restore systems and reconfigure its network.
Retailers in Japan have warned of beer and beverage shortages as Asahi faces a major cyber attack on its operations. [Getty Images]
The outage led to shortages of drinks in stores across Japan. Asahi accounts for about 40% of the country's beer market.
The shortage also affected Asahi soft drinks such as ginger beer and sparkling water.
Supplies are also gradually resuming, said Atsushi Katsuki, the company's president and chief executive, who apologized for the difficulties caused by the outages.
“We are working hard to achieve full system recovery as quickly as possible, while implementing measures to prevent a recurrence and strengthen information security across the group.”
Other global brands have also recently experienced similar cyber attacks.
Jaguar Land Rover was forced to resort to emergency funding after a major cyber attack crippled operations at its UK factories.
