The Nihon Kotsu cyberattack has disrupted operations at Japan’s largest taxi operator after the company confirmed that its internal systems were compromised by a malware-related security incident. The cyberattack on Nihon Kotsu forced the company to shut down parts of its IT infrastructure, leaving key Japan taxi service operations, including its taxi dispatch system, unavailable.
According to the company, the incident occurred early on Saturday, July 11, 2026. After detecting unauthorized access, Nihon Kotsu immediately shut down affected systems to contain the attack and prevent additional damage. The taxi dispatch service operated via telephone, the hire car web ordering and reservation management system, and several internal systems remain temporarily offline.
Nihon Kotsu Shuts Down Systems
Nihon Kotsu, Japan’s largest taxi and chauffeur operator by group revenue, generates approximately ¥155 billion (around $1 billion) annually. The company employs 18,228 people and operates a fleet of 8,558 taxis alongside more than 2,000 chauffeur vehicles, making the disruption significant for the country’s Japan taxi service sector.
In a statement, the company said, “We have confirmed that our internal systems were subjected to unauthorized external access (malware infection).” It also apologized for the incident, stating, “We sincerely apologize for the great inconvenience and concern this has caused to our customers, business partners, and all other parties involved.”
Japan Taxi Service Affected as Dispatch Operations Remain Offline
The company explained that emergency measures were implemented immediately after the breach was detected. “Upon detecting the unauthorized access, we immediately took emergency measures, including shutting down systems, to prevent further damage,” the statement said. It added that the disruption has affected web-based hire car reservations, telephone taxi dispatch services, and certain internal systems.
As the cyberattack on Nihon Kotsu continues to be investigated, customers requiring taxis have been advised to use the GO taxi application, nearby taxi stands, or hail a cab directly from the street. Users of the GO app can still request a Nihon Kotsu vehicle by selecting the company within the application.

The company said it is working with external cybersecurity specialists to determine the cause of the incident, analyze system logs, and assess the overall impact. According to the statement, the internal network has been isolated, and “further spread of the damage has been contained.”
Investigation into the Nihon Kotsu Cyberattack Continues
Investigators are also examining whether any personal or corporate data was exposed during the Nihon Kotsu cyberattack. The company stated that no information leak has been confirmed at this stage.
However, it noted that a detailed investigation is ongoing with specialized agencies to determine whether any data was compromised. If customer or partner information is found to have been exposed, Nihon Kotsu said it will make a public announcement and individually notify affected parties in accordance with applicable laws.
The company said restoring systems securely remains its highest priority. It also pledged to provide updates on both the investigation and recovery process as more information becomes available. In the meantime, Nihon Kotsu urged customers to remain cautious of fraudulent emails or messages claiming to originate from the company and advised them not to open suspicious attachments or click unknown links.

