Ransomware victim disclosure
← All victimsReynolds & Reynolds
Claimed by Pear · listed 10 months ago
Status timeline
- ListedSep 14, 2025
- Data leakeddate unknown
At a glance
- Group
- Pear
- Status
- Data leaked
- Country
- United States
- Sector
- Technology
- Listed on leak site
- Sep 14, 2025
About the victim
AI dossier — public-source company profileReynolds and Reynolds is a leading U.S.-based provider of automotive retailing solutions, offering dealer management systems (DMS), CRM, finance and insurance tools, document services, and AI-powered analytics to automotive dealerships. The company operates nationally and serves a broad range of franchised and independent auto dealers. Its product suite spans sales, service, parts, business office, and compliance functions.
- Industry
- Automotive Dealership Management & Retailing Technology
- Employees
- 5000+
- Founded
- 1866
Attack summary
Severity: high — Data has been published (not merely announced), and Reynolds & Reynolds processes sensitive dealership data including finance, HR/payroll, and customer PII at scale across thousands of automotive dealerships nationwide. While specific data types confirmed in the leak are not enumerated, the breadth of sensitive data the company handles — including financial contracts, personal customer data, and HR records — warrants a high severity classification.The ransomware group 'pear' claims to have published data belonging to Reynolds and Reynolds, with the disclosure status listed as 'data_published,' indicating exfiltration and public release of company data. No ransom amount or specific data volume has been stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Dealership management data
- Customer relationship management records
- Finance and insurance documents
- Payroll and human resources data
- Digital document storage files
- eContracting records
- Parts inventory and pricing data
- Business office records
What the group claims
Leading provider of automotive retailing solutions that help manage and improve dealership
Sources
Source
Indexed 10 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

