Pierluigi Paganini
October 21, 2025
Japanese retailer giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul. The cyber incident disrupted deliveries and online store functions, including orders and app services.
“Due to a logistics issue at our online store, the following services and functions are currently unavailable.The reopening date has not yet been decided.We sincerely apologize for any inconvenience caused to our customers, and we appreciate your understanding.” reported the company.
“[Services and features currently unavailable] (Updated October 20th (Monday) at 5:00 PM)
Muji is a Japanese retail company known for its minimalist design and “no-brand” philosophy. It sells a wide range of products, including clothing, furniture, stationery, and home goods, all emphasizing simplicity, functionality, and sustainability. The name “Muji” comes from “Mujirushi Ryohin” (無印良品), meaning “no-brand quality goods.”
The company has over 24,500 employees and $4 billion in annual revenue.
Askul disclosed a ransomware attack on October 21, 2025.
“The ASKUL website is currently experiencing a system outage due to a ransomware infection, halting order acceptance and shipping operations.” reads the company’s statement. “We are currently investigating the extent of the impact, including the leak of personal information and customer data, and will notify you as soon as it is clear. We sincerely apologize for any inconvenience and concern this may have caused our customers.”
The ransomware attack forced Askul to suspend all key operations, including online and fax orders, shipping, new user registration, returns, catalog requests, and pharmaceutical services. Customer support lines and inquiry forms were also unavailable.
At this time, no ransomware gangs have claimed responsibility for the attack on Askul.
Recently, another Japanese company, Asahi, disclosed a ransomware attack. Asahi Group Holdings, Ltd (commonly called Asahi) is Japan’s largest brewing company, known for producing top-selling beers like Asahi Super Dry, as well as soft drinks and other beverages. It operates both domestically and internationally, with a strong presence in Europe and Asia.
At the end of September, the company suspended its operations at the Japanese branch after a cyber attack, other branches were not impacted. The attack halted the company’s ordering and shipping operations, and its call center and customer service desk are unavailable.
On October 3, the company confirmed that it was a victim of a ransomware attack, but did not reveal the name of the group responsible for the security breach.
Qilin ransomware claimed responsibility for the attack on the Beer giant Asahi and leaked 27GB of stolen data, including employee and financial documents.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Japan)
