99/69 Wednesday, February 18, 2026
Washington Hotel, a major business hotel chain in Japan, has issued a statement confirming that its server systems were targeted by a ransomware attack on Friday, February 13, 2026, at 10:00 PM. The incident resulted in unauthorized access to certain business-related data. As an immediate containment measure, the company disconnected the affected servers from the internet to limit the scope of damage and established a dedicated response team in collaboration with external cybersecurity experts to assess the impact and accelerate system recovery efforts.
Preliminary investigations indicate that attackers gained access to business data stored on the compromised servers. The hotel stated that the likelihood of customer data leakage is considered low, as such information is stored separately on systems managed by third-party service providers. At this time, no evidence of unauthorized access to those external systems has been identified. In terms of operational impact, some credit card terminals at certain branches were temporarily unavailable, but other services have continued to operate normally. The company is currently evaluating the financial impact of the incident.
The organization is working closely with law enforcement authorities and cybersecurity specialists to investigate the attack. As of now, no ransomware group has publicly claimed responsibility. In recent months, several prominent Japanese companies-including Nissan and Muji-have also experienced cyberattacks. Additionally, JPCERT/CC has highlighted ongoing exploitation of CVE-2026-25108 in Soliton Systems’ FileZen product, a widely used file-sharing solution in Japan. However, there has been no confirmation linking that vulnerability directly to the Washington Hotel incident.
