Qilin, a ransomware group with a track record of cyberattacks on major entities around the world, claimed responsibility on Tuesday for a hack on Japan’s Asahi Group Holdings 2502.T that disrupted production at the beer and beverage giant.
Asahi Group’s beer-making subsidiary, Asahi Breweries, said on Monday it had restarted production at its six Japanese beer plants on October 2. It first said it had been hacked on September 29.
Qilin, which operates a ransomware-as-a-service platform that allows users to carry out attacks in exchange for a percentage of extortion proceeds, posted 29 images to its website on Tuesday of what the group claims to be internal Asahi Group documents.
The group claims to have stolen more than 9,300 files, or roughly 27 gigabytes of data, according to the entry on its website.
Reuters could not immediately verify the authenticity of the documents.
An Asahi Group Holdings spokesperson said in an email late Tuesday that the matter was still under investigation and the company declined to comment on Qilin’s claims, or any details about extortion demands or negotiations.
Qilin did not respond to a request for comment.
Qilin has been a prolific ransomware service since first emerging in 2022 with 870 claimed attacks, according to data compiled by eCrime.ch, a cybercrime research platform.
The group was behind the June 2024 hack of British diagnostic services provider Synnovis, which officials said in June 2025 contributed to the death of a London hospital patient.
