CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

Motility Software Solutions Ransomware Attack Exposes 766,000 Client Records

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Motility Software Solutions, a provider of dealer management software (DMS), experienced a ransomware attack on August 19, 2025. The incident exposed the sensitive data of 766,000 customers. The compromised data includes full names, addresses, email addresses, telephone numbers, dates of birth, Social Security numbers, and driver’s license numbers. The attack affected 7,000 dealerships across the United States. The company has implemented additional security measures, restored systems from backups, and established dark web monitoring. No ransomware group has claimed responsibility for the attack. Motility has offered a year of free identity monitoring services to affected individuals.

Timeline

  1. 01.10.2025 23:37 1 articles · 6d ago

    Motility Software Solutions Ransomware Attack on August 19, 2025

    On August 19, 2025, Motility Software Solutions experienced a ransomware attack that encrypted some of its systems and stole customer data. The incident exposed the sensitive data of 766,000 customers, including full names, addresses, email addresses, telephone numbers, dates of birth, Social Security numbers, and driver’s license numbers. The attack affected 7,000 dealerships across the United States. Motility has implemented additional security measures, restored systems from backups, and established dark web monitoring. The company has offered a year of free identity monitoring services to affected individuals.

    Show sources
    Open in new tab

Information Snippets

Similar Happenings

Asahi Group Holdings Suffers Cyberattack Disrupting Japanese Operations

Asahi Group Holdings, Ltd., Japan's largest brewer, has confirmed a ransomware attack that began on September 29, 2025, and has disrupted operations in Japan. The incident has affected ordering, shipping, customer service activities, and production at some of its 30 domestic factories. The company has confirmed data theft from compromised devices and is working to restore impacted operations. The attack has not affected operations outside of Japan, and no ransomware group has claimed responsibility. Asahi has established an Emergency Response Headquarters and is collaborating with external cybersecurity experts to restore the system. The company has begun partial manual order processing and shipment and aims to gradually resume call center operations. The potential impact on Asahi’s financial results for fiscal year 2025 is under review. Asahi Group Holdings is investigating the source of the disruption and working to restore impacted operations. The company operates four regional branches and holds significant market share in Japan and internationally. The nature of the cyberattack is confirmed as ransomware, which has led to system failures affecting orders, shipments, and call center operations at all subsidiaries in Japan.

Open in new tab

Qilin ransomware group targets multiple organizations

The Qilin ransomware group has been active, targeting multiple organizations, including Inotiv, a U.S.-based pharmaceutical company, Creative Box Inc. (CBI), a subsidiary of Nissan, and Mecklenburg County Public Schools (MCPS). The latest attack was on Asahi Group, where Qilin claims to have stolen 27 GB of sensitive data, including 9,000 files containing contracts, employee information, financial documents, forecasts, and other business data. The attack caused significant operational disruption, including a beer shortage in Japan. The group has also targeted other Japanese companies, including Shinko Plastics and Osaki Medical. The Qilin ransomware group operates as a ransomware-as-a-service (RaaS) network, providing tools and infrastructure to affiliates and taking a 15–20% share of ransom payments. The group's malware is custom-built in Rust and C for cross-platform attacks, including Windows, Linux, and ESXi systems. The attack on Inotiv, which occurred on August 8, 2025, encrypted certain systems and data, disrupting business operations. The Qilin ransomware group claimed to have stolen approximately 162,000 files totaling 176GB. The company has engaged external security experts and notified law enforcement. The disruption affects databases and internal applications used in business processes, with no estimated timeline for full recovery. On August 16, 2025, the Qilin ransomware group targeted Creative Box Inc. (CBI), stealing four terabytes of data, including 3D vehicle design models and internal reports. CBI implemented emergency measures and reported the incident to the police. The Qilin ransomware group added CBI to its extortion portal on August 20, 2025, threatening to make the stolen data public. Nissan confirmed the data breach and is conducting an investigation. The leaked data only impacts Nissan, as it is the sole customer of CBI. In early September 2025, the Qilin ransomware group also claimed responsibility for an attack on Mecklenburg County Public Schools (MCPS), stealing 305 GB of sensitive data, including financial records, grant documents, budgets, and children’s medical files. The attack disrupted operations, forcing teachers to rely on pen, paper, and whiteboards for instruction. Internet systems were restored about a week later. MCPS Superintendent Scott Worner confirmed the attack and stated that the district is assessing the extent of the breach. The Qilin ransomware group has claimed to have exfiltrated more than 9,300 files in 27GB of data from Asahi Group. Asahi Group is Japan’s largest brewing company, with 30,000 employees, an annual production of 100 million hectoliters, and a yearly revenue of $20 billion. The group published 29 images showing internal financial documents, employee IDs, confidential contracts, and internal reports as proof of the theft. Asahi Group suspended operations at six Japan-based facilities due to a cyberattack on September 29, 2025. The Qilin ransomware group added Asahi to its data leak site, likely after failing to negotiate a ransom with the company. The group is infamous for exploiting critical flaws in edge network devices, deploying credential theft tools, and continually advancing their encryptor. Qilin claims that the attack will cause Asahi to lose up to $335 million due to production disruptions at six breweries impacting thirty labels. Asahi Group resumed production of its flagship beer, 'Super Dry,' thanks to a temporary manual ordering system. Shipping for more labels is expected to resume from October 15, 2025, although factories are not yet fully operational.

Open in new tab