Qilin cybercrime gang claims hack on Japan’s Asahi Group

TOKYO – Qilin, a ransomware group with a track record of intrusions against major entities around the world, claimed responsibility on Oct 7 for a hack on Japan’s Asahi Group Holdings that disrupted production at the beer and beverage giant.

Asahi Group’s beer-making subsidiary, Asahi Breweries, said on Oct 6 that it had restarted production at its six Japanese beer plants on Oct 2. It first said

it had been hacked on Sept 29.

Qilin posted 29 images on its website on Oct 7 of what the group claims are internal Asahi Group documents.

It claims to have stolen more than 9,300 files, or roughly 27GB of data, according to the entry on its website.

Reuters could not immediately verify the authenticity of the documents.

Asahi’s European subsidiary referred questions to Asahi Group, which did not respond to an e-mailed comment outside office hours. Qilin did not respond to a request for comment.

Qilin operates a ransomware-as-a-service platform that allows malicious users to carry out hacks in exchange for a percentage of extortion proceeds.

It first emerged in 2022 and boasts nearly 870 attacks, according to data compiled by eCrime.ch, a cybercrime research platform.

The group was behind the June 2024 hack of British diagnostic services provider Synnovis, which officials in June 2025 said contributed to the death of a London hospital patient.

The group “is one of the most aggressive ransomware operations currently in circulation”, said Ms April Lenhard, the principal product manager at cyber-security company Qualys, who described the group as “disruptive, highly active and willing to create real-world chaos”. REUTERS