Nihon Kotsu, Japan’s largest taxi company, disclosed on July 13, 2026 that its internal systems suffered an unauthorized external access involving malware infection in the early morning hours of Saturday, July 11. The company immediately shut down systems as an emergency measure to contain the damage. As a result, its online car hire reservation system, telephone-based taxi dispatch service, and several internal systems are currently unavailable.
The company’s public notice was direct about the sequence of events.
“We have recently discovered that our internal systems were subjected to unauthorized external access (malware infection). We sincerely apologize for the great inconvenience and concern this has caused to our customers, business partners, and all other parties involved.” reads the company’s notice. “Upon detecting the unauthorized access, we immediately took emergency measures, including shutting down systems, to prevent further damage. As a result, our hire car web order and reservation management system, telephone-based taxi dispatch service, and some internal systems are currently temporarily unavailable.”
The company took systems offline to contain the threat, but it caused operational disruption.
With the telephone dispatch service down, customers who need a Nihon Kotsu taxi are being directed to use the GO taxi app and select Nihon Kotsu as the company when requesting a ride, or to find a nearby taxi stand or flag one down on the street. It’s a significant operational gap for a company that runs one of Tokyo’s most recognizable fleets, but the manual workaround is functional. The hire car reservation system, which handles advance bookings, remains offline.
Nihon Kotsu confirmed it’s working with external security experts to determine the scope of the securty incident, identify the cause, and analyze logs. The internal network has been isolated to prevent further spread. On the question of personal data exposure, the company said: “We are currently conducting a detailed investigation with specialized agencies into whether and to what extent data has been leaked. At this time, no information leak has been confirmed. However, in the unlikely event that we discover any leak or potential leak of personal information of our customers or related parties, we will promptly make an official announcement and contact those affected individually, in accordance with the law.”
That’s a carefully worded statement: confirmed is doing real work there, and the investigation is still open.
Nihon Kotsu said no data leak has been confirmed. If the investigation finds customer data was exposed, it will notify affected individuals and publicly disclose the incident as required by Japan’s Act on the Protection of Personal Information.
The Japanese firm is prioritizing secure system recovery and will provide updates as the investigation progresses. The company also warned customers to ignore suspicious emails or messages impersonating the firm.
“We are prioritizing the security of our system and the recovery process in a safe environment. We will publish updates on the investigation and recovery status on this website as soon as they become available.” concludes the notice. “Please be careful not to open any attachments or click on any links if you receive any suspicious emails or communications impersonating our company.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, newsletter)