Washington Hotel in Japan discloses ransomware infection incident
Source: Bleeping Computer
Incident Overview
The Washington Hotel brand in Japan announced that its servers were compromised in a ransomware attack, exposing various business data. According to the company’s disclosure, hackers breached the network on Friday, February 13, 2026, at 22:00 (local time). The IT staff immediately disconnected the servers from the internet to prevent further spread.
Washington Hotel operates under Fujita Kanko Inc. (WHG Hotels), a business‑focused hospitality chain with 30 locations across Japan, 11,000 rooms ¹, and serves nearly 5 million guests every year ².
Response and Investigation
- An internal task force was created.
- External cybersecurity experts were engaged to assess the impact, determine whether customer data was compromised, and coordinate recovery efforts.
- The organization began consulting with the police and the external experts.
The investigation is ongoing, but the company confirms that the attacker accessed various business data stored on the affected servers.
Impact on Operations
- Customer data is unlikely to be exposed because it is stored on servers managed by a separate provider, for which no unauthorized access has been confirmed.
- Some Washington Hotel properties experienced temporary unavailability of credit‑card terminals.
- Aside from the above, the firm reports no significant operational disruption.
The financial impact of the incident is currently under review, and Washington Hotel has pledged to provide updates if additional relevant details emerge.
Threat Landscape
As of writing, no ransomware groups have claimed the Washington Hotel on the known dark‑web‑based extortion portals monitored by BleepingComputer.
Related Cybersecurity Incidents in Japan
Recent high‑profile attacks on Japanese companies include:
Additional Threat Intelligence
Although not necessarily related to the Washington Hotel breach, JPCERT/CC disclosed late last week that hackers were exploiting an arbitrary command injection flaw in Soliton Systems’ FileZen products (tracked as CVE‑2026‑25108). The file‑sharing appliance is widely used by Japanese companies and was also targeted in 2021.