Copeland Auto Group email compromise exposes data of customers and employees from multiple car dealerships
Learn More
Copeland Auto Group, an automotive dealership operator serving the New England region is reporting a data breach that exposed sensitive customer and employee information across multiple Massachusetts locations.
On August 4, 2025, the company detected suspicious activity within an employee email account. The email account compromise that allowed an attacker actor to access confidential data stored in emails and attachments for a limited but undetermined period. The investigation confirmed unauthorized access to both personally identifiable information and protected health information. This incident affected multiple dealership locations operated by Copeland Auto Group, including Toyota, Chevrolet, and Subaru franchises in Brockton, Hudson, and Hyannis, Massachusetts.
Exposed data includes:
- Full names
- Social Security numbers
- Government-issued identification numbers (such as driver's license numbers)
- Payment card information
- Financial account information
- Protected health information
The incident affected at least 2,731 customers and employees associated with Copeland Chevrolet in Brockton, Massachusetts. The total number of impacted individuals across all Copeland Auto Group dealerships has not been disclosed.
The company's disclosure statements indicate that the breach may have impacted all Copeland dealerships.
Copeland Auto Group began notifying affected individuals by mail on October 16, 2025. The company is offering all affected employees and customers twelve months of complimentary identity monitoring services including credit monitoring, fraud consultation services and identity theft restoration services.
