Washington Hotel in Japan discloses ransomware infection incident

The Washington Hotel brand in Japan has announced that that its servers were compromised in a ransomware attack, exposing various business data.

The hospitality group has established an internal task force and engaged external cybersecurity experts to assess the impact of the intrusion, determine whether customer data was compromised, and coordinate recovery efforts.

Washington Hotel, a brand operating under Fujita Kanko Inc. (WHG Hotels), is a business-focused hospitality chain with 30 locations across Japan. WHG has 11,000 rooms over its properties and has nearly 5 million guests every year.

According to the company’s disclosure, hackers breached its network on Friday, February 13, 2026, at 22:00 (local time). The IT staff immediately disconnected servers from the internet to prevent the attack from spreading on the network.

The organization states that it started consulting with the police and external cybersecurity experts.

Although an investigation is ongoing, Washington Hotel can confirm that the attacker gained access to various business data stored on the affected servers.

Customer data is unlikely to be exposed because the company stores this information on servers managed by a separate company, for which no unauthorized access has been confirmed.

The incident is impacting operations at some Washington Hotel brand properties, including the temporary unavailability of credit card terminals. Besides that, the firm says it recorded no significant operational disruption.

The financial impact of the incident is currently under review. Washington Hotel promised to provide updates if any additional relevant details emerge.

As of writing, no ransomware groups have claimed the Washington Hotel on known dark-web-based extortion portals that BleepingComputer monitors.

Multiple companies in Japan have been targeted by hackers lately. Some of the recent incidents include global automaker Nissan, retail giant Muji, the largest brewer in the country, Asahi, and telecom giant NTT.

Although not necessarily related to the breach at Washington Hotel, JPCERT/CC disclosed late last week that hackers were exploiting an arbitrary command injection flaw in Soliton Systems’ FileZen products, tracked under CVE-2026-25108.

The file-sharing appliance is widely used by Japanese companies and was also targeted in 2021.

The future of IT infrastructure is here

Modern IT infrastructure moves faster than manual workflows can handle.

In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.

Get the guide