Ransomware attack on dealership software provider Motility exposes data of 766,000 customers
Learn More
Motility Software Solutions, a dealer management software (DMS) provider and subsidiary of The Reynolds and Reynolds Company, is reporting a data breach that compromised the sensitive personal information of 766,670 customers. Motility, formerly known as Systems 2000/Sys2K, serves approximately 7,000 dealerships across the United States, specializing in automotive, powersports, marine, heavy-duty truck, RV, bus, emergency vehicle, and trailer retail operations.
The ransomware attack was detected on August 19, 2025 and resulted in both data theft and encryption of critical business servers. The attack has been claimed by the PEAR (Pure Extraction And Ransom) ransomware gang. The group posted Motility's parent company, Reynolds & Reynolds, on its dark web leak site and allegedly stole 4.3 terabytes of data during the attack.
The compromised information varies per individual and may include:
- Full name
- Postal address
- Email address
- Telephone number
- Date of birth
- Social Security number (SSN)
- Driver's license number
The company notified law enforcement authorities and restored impacted systems from backups.
To support affected individuals, Motility is providing a year of free identity monitoring services. Notification recipients have until December 19, 2025, to enroll using a unique activation code provided in their notification letters. The company has also established dark web monitoring systems to detect if the stolen data emerges on underground forums or marketplaces.
