What happened in the Copeland Auto Group data breach?

Copeland Auto Group experienced a data breach after detecting suspicious activity within an employee email account on August 4, 2025. An unauthorized actor gained access to confidential data stored in emails and attachments, exposing sensitive customer and employee information across multiple Massachusetts dealership locations.

What information was exposed in the Copeland Auto Group breach?

The exposed data includes full names, Social Security numbers, government-issued identification numbers such as driver's license numbers, payment card information, financial account information, and protected health information.

How many people were affected by the Copeland Auto Group data breach?

At least 2,731 customers and employees associated with Copeland Chevrolet in Brockton, Massachusetts were affected. The total number of impacted individuals across all Copeland Auto Group dealerships has not been disclosed, but the breach may have impacted all Copeland dealerships.

Which Copeland Auto Group locations were affected?

The incident affected multiple dealership locations operated by Copeland Auto Group, including Toyota, Chevrolet, and Subaru franchises in Brockton, Hudson, and Hyannis, Massachusetts. The company's disclosure statements indicate that the breach may have impacted all Copeland dealerships.

When were affected individuals notified about the breach?

Copeland Auto Group began notifying affected individuals by mail on October 16, 2025, more than two months after the breach was discovered on August 4, 2025.

What is Copeland Auto Group offering to affected individuals?

Copeland Auto Group is offering all affected employees and customers twelve months of complimentary identity monitoring services, including credit monitoring, fraud consultation services, and identity theft restoration services.

Advisory

Google releases Chrome 142, patches 20 security flaws

published: Oct. 30, 2025

Take action: If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) patch your browser ASAP. There's a huge number of flaws patched for a product that's updated every month. Even if you want to debate the severity scoring, it's better to just update. Because while you debate, hackers will find a way to exploit them.

Learn More

Google has released Chrome 142 for Windows, Mac, and Linux platforms on October 28, 2025, patching 20 security, at least 7 high-severity.

Vulnerabilities summary

CVE-2025-12428 (CVSS score 9.8, Google severity High): Type Confusion in V8 that could allow attackers to execute arbitrary code through crafted JavaScript objects.
CVE-2025-12429 (CVSS score 9.8, Google severity High): Inappropriate implementation in V8 that enables potential remote code execution via malicious web content.
CVE-2025-12430 (CVSS score 9.8, Google severity High): Object lifecycle issue in Media affects media handling components and could facilitate unauthorized access.
CVE-2025-12431 (CVSS score 9.8, Google severity High): Inappropriate implementation in Extensions and could allow attackers to bypass security policies in the extensions framework.
CVE-2025-12432 (CVSS score 9.8, Google severity High): Race condition in V8 that could lead to exploitation under specific conditions.
CVE-2025-12433 (CVSS score 9.8, Google severity High): Inappropriate implementation in V8. Another V8 engine flaw with potential for code execution.
CVE-2025-12036 (CVSS score 9.8, Google severity High): Inappropriate implementation in V8.
CVE-2025-12434 (CVSS score 9.8, Google severity Medium): Race condition in Storage.
CVE-2025-12435 (CVSS score 9.8, Google severity Medium): Incorrect security UI in Omnibox that could mislead users about website security status.
CVE-2025-12436 (CVSS score 9.8, Google severity Medium): Policy bypass in Extensions.
CVE-2025-12437 (CVSS score 9.8, Google severity Medium): Use after free in PageInfo.
CVE-2025-12438 (CVSS score 9.8, Google severity Medium): Use after free in Ozone.
CVE-2025-12439 (CVSS score 9.8, Google severity Medium): Inappropriate implementation in App-Bound Encryption.
CVE-2025-12441 (CVSS score 9.8, Google severity Medium): Out of bounds read in V8.
CVE-2025-12443 (CVSS score 9.8, Google severity Medium): Out of bounds read in WebXR.
CVE-2025-12440 (CVSS score 9.8, Google severity Low): Inappropriate implementation in Autofill.
CVE-2025-12444 (CVSS score not calculated, Google severity Low): Incorrect security UI in Fullscreen UI.
CVE-2025-12445 (CVSS score 9.8, Google severity Low): Policy bypass in Extensions.
CVE-2025-12446 (CVSS score 9.8, Google severity Low): Incorrect security UI in SplitView.
CVE-2025-12447 (CVSS score 9.8, Google severity Low): Incorrect security UI in Omnibox.

The update is distributed as version 142.0.7444.59 for Linux, 142.0.7444.59/60 for Windows, and 142.0.7444.60 for Mac and will roll out gradually over the coming days.

Google has restricted access to detailed bug information until the majority of users have updated to the patched version to prevent attackers from exploiting known vulnerabilities in unpatched systems while the update is still rolling out.

Chrome users are strongly advised to update their browsers immediately by navigating to chrome://settings/help to verify that automatic updates are enabled and the latest version has been installed.

Google releases Chrome 142, patches 20 security flaws

Read More
Adobe patches over 30 vulnerabilities in Adobe Software …
Steam removes game demo distributing Information-Stealing malware
Microsoft Defender RedSun Zero-Day Exploit Grants SYSTEM Privileges
Active GithHub Phishing campaign impersonating GitHub Recruitment
Atlas VPN unpatched vulnerability exposes users' real IP …