Nihon Kotsu Confirms Malware Infection, Taxi Dispatch Systems Disrupted
- Attack confirmed: Nihon Kotsu, one of Japan's largest taxi operators, confirmed unauthorized external access led to a malware infection on its internal systems.
- Timeline disclosed: The intrusion occurred in the early hours of July 11, 2026; the company publicly disclosed it on July 13, 2026.
- No leak confirmed: Nihon Kotsu says no data leak has been confirmed at this time, and its investigation is ongoing.
Nihon Kotsu, one of Japan's largest taxi and hire vehicle operators, disclosed on July 13, 2026, that unauthorized external access to its internal systems resulted in a malware infection, temporarily disrupting its phone-based taxi dispatch and hire reservation systems. The company said the unauthorized access occurred in the early hours of July 11, 2026.
Nihon Kotsu operates roughly 9,000 taxi and hire vehicles, primarily serving central Tokyo's special wards along with Musashino and Mitaka, with additional coverage in the Kanto and Kansai regions through affiliated companies.
Phone Dispatch and Reservation Systems Disrupted
The incident has disrupted the Hire Web order and reservation management system, the phone-based taxi dispatch service, and some internal-facing company systems. Dispatch through the GO taxi app, however, is operating normally and unaffected, according to the company’s official notice.
Nihon Kotsu is directing customers to use the GO app, selecting "Nihon Kotsu" as the requested company, or to use taxi stands and street hailing instead of phone dispatch while the affected systems remain offline.
Investigation Ongoing, No Threat Actor Named
No threat actor has been identified yet, and no group has claimed responsibility. Nihon Kotsu says it is working with an external security specialist firm to determine the scope of impact, investigate the root cause, and analyze logs.
The company states no data leak has been confirmed as of its latest update. Because the investigation is ongoing, the full scope of what data, if any, may have been affected remains unknown.
Timing Coincides With GO's Recent Stock Market Debut
The disruption comes after GO, the taxi-dispatch app formed from the merger of Nihon Kotsu Holdings' and DeNA's taxi businesses, debuted on the Tokyo Stock Exchange Growth Market on June 16, 2026, in one of the largest Japanese domestic IPOs this year.
The company leverages Solid Advance's CRM package, "All Gather CRM V3," on Microsoft Azure as its radio dispatch system. However, neither development has been linked to this incident.
Upon detection, Nihon Kotsu immediately isolated affected systems as an emergency measure to prevent further damage, a step it says limited the scope of impact. This remains a developing story, and this article reflects only what the company and independent Japanese-language reporting have confirmed so far.
Late last week, Mie Prefecture announced a ban on Personal USB drives after an inspection found malware on nearly 50 devices.







