Qilin, a ransomware group with a track record of cyberattacks on major entities around the world, claimed responsibility on Tuesday for a hack on Japan’s Asahi Group, which disrupted production at the beer and beverage giant.

Asahi’s beer-making subsidiary, Asahi Breweries, said on Monday that it had restarted production at its six Japanese beer plants on Oct. 2. It first said it had been hacked on Sept. 29.

Qilin, which operates a ransomware-as-a-service platform that allows users to carry out attacks in exchange for a percentage of extortion proceeds, posted 29 images to its website on Tuesday of what the group claims to be internal Asahi documents.

The group said it had stolen more than 9,300 files, or roughly 27 gigabytes of data, according to the entry on its website.

The authenticity of the documents could not immediately be verified.

An Asahi spokesperson said in an email late Tuesday that the matter was still under investigation and the company declined to comment on Qilin's claims, or any details about extortion demands or negotiations.

Qilin did not respond to a request for comment.

Qilin has been a prolific ransomware service since first emerging in 2022 with 870 claimed attacks, according to data compiled by eCrime.ch, a cybercrime research platform.

The group was behind the June 2024 hack of British diagnostic services provider Synnovis, which officials said in June 2025 contributed to the death of a London hospital patient.