Update on System Disruption Due to Cyberattack (2nd)

Asahi Group Holdings, Ltd.

(Tokyo, Japan - October 3, 2025) – Asahi Group Holdings, Ltd. announced on September 29 that its systems are experiencing disruption due to a cyberattack.

Upon detecting the incident, we established an Emergency Response Headquarters to investigate the incident, through which we confirmed that our servers were targeted by a ransomware attack. To prevent further damage, we are withholding specific details regarding the cyberattack. The information we are able to share at this time is as follows:

We took immediate action to contain and respond to the incident. We placed the highest priority on safeguarding critical data, including the personal information of our customers and business partners, and promptly isolated the affected systems to minimize the impact.

Subsequent investigations have confirmed traces suggesting a potential unauthorized transfer of data. We are conducting investigation to determine the nature and scope of the information that may have been subject to unauthorized transfer.

As a result of the containment measures, operations across our domestic group companies—including order placement and product shipment—have been affected. Additionally, we are currently unable to receive email communications from external sources.

Although system-based order and shipment processes remain suspended, ensuring product supply to customers has been set as our top priority and we have begun partial manual order processing and shipment.

Regarding customer inquiries related to products from Asahi Breweries, Asahi Soft Drinks, and Asahi Group Foods, we are currently preparing to partially and gradually resume call center operations including customer service desks, with the aim of starting this during the week of October 6.

While we are unable to provide a clear timeline for recovery at this time, our Emergency Response Headquarters is working in collaboration with external cybersecurity experts to restore the system as quickly as possible. The scope of the system disruption is currently limited to Japan.

The potential impact of this incident on our financial results for the fiscal year ending December 2025 is currently under review.

“I would like to sincerely apologize for any difficulties caused to our stakeholders by the recent system disruption. We are continuing our investigation to determine the nature and scope of the potential unauthorized data transfer. We are making every effort to restore the system as quickly as possible, while implementing alternative measures to ensure continued product supply to our customers. We appreciate your understanding and support.”