Data security gaps found at more automakers

A group of white hat hackers cracked the customers and backend operations of multiple automakers including BMW, Ferrari, Ford, Jaguar Land Rover, Mercedes-Benz, Porsche and Rolls-Royce.

The findings follow up on the group’s discovery late last year of a flaw in SiriusXM’s telematics service that led to compromises on Honda, Hyundai, Nissan and Toyota models.

White hat hackers gained access to this latest set of vulnerabilities, including detailed customer information and internal control functions, but a 90-day moratorium was voluntarily imposed, requiring the group to withhold disclosure until earlier this month. I didn’t.Sam Curry, Omaha, Nebraska, Security Engineer, said car news.

The moratorium, inspired by the policy of the Google Project Zero security research team, is intended to give vendors time to work with vendors to close security gaps, as well as to express their intent to disclose, Currie said. said Mr. According to Curry, the researcher said his provider of services also hacked Spireon and his Reviver.

Ford, Mercedes-Benz, Reviver, Spireon Spoken car news That they closed the violation.

Ford said it learned of the problem through the “Bug Bounty” program and fixed it.

Porsche Cars North America spokesperson Marcus Kabel said the company is constantly monitoring the system. “We take signs of vulnerability very seriously,” he said. “Our first priority is to prevent third parties from unauthorized access to the vehicle’s systems.”

Find the full story here.

Khan Dingla