Japan's largest taxi company knocked offline by cyberattack as dispatch systems go dark
No ride, no reason.

Nihon Kotsu Taxi ransomware.
- Nihon Kotsu, Japan's largest taxi company, shut down IT systems after malware infected internal networks through unauthorized external access.
- The attack disrupted taxi dispatch, phone lines, bookings, reservations, and car-rental services starting July 11.
- Cybersecurity specialists are investigating whether customer or company data was accessed; no confirmed data theft has been reported.
- The outage shows how cyberattacks on transport systems can disrupt essential services and affect thousands of workers and riders.
Key Takeaways by nexos.ai, reviewed by Cybernews staff.
Nihon Kotsu, Japan's largest taxi operator, has announced that malware infected its internal systems after unauthorized external access, forcing the company to shut down its IT systems to prevent further spread.
The company's services were severely affected across the board, with taxi deployment, phone switchboard, and bookings, reservations, and car-rental facilities rendered out of service. The disruption started on July 11th and continued at the time of publishing.
Customers have been forced to use the county's biggest ride-hailing GO app as an alternative or use taxi ranks at street level.
This mammoth disruption has hit Nihon Kotsu hard. The company generates around $1 billion in annual revenue, employs over 18,000 staff, and operates over 8,500 taxis.
"We have confirmed that our internal systems were subjected to unauthorized external access (malware infection),"read the company's statement.
Investigators race to establish what happened
Nihon Kotsu says cybersecurity specialists have been brought in to investigate the breach, with the company having isolated affected systems while forensic work continues.
Officials are examining whether customer or corporate information was accessed. No evidence of data theft has been confirmed so far.
The company says affected individuals will be notified if any information was compromised.
However, customers are being warned about phishing emails pretending to come from Nihon Kotsu.
One post on the Reddit r/cybersecurity subreddit summed up the situation well by explaining:
“Taxi fleets are an underrated target, honestly. Dispatch systems, GPS tracking, card payments, customer apps all in one place, makes for a juicy single point of failure.”
Comment
by u/rkhunter_ from discussion
in cybersecurity
Hackers have recently become known for targeting physical businesses, finding them convenient for laundering.
One taxi company that bore the brunt in particular was the Spanish ride-sharing company Cabify, which had 430,000 records stolen by hackers in November 2025, exposing drivers' personal details.
As far as Nihon Kotsu is concerned, no ransomware or extortion group has claimed responsibility at the time of writing.