Car
Renault and Dacia UK warn of data breach impacting customers
Customers of Renault and Dacia in the United Kingdom have been notified that sensitive information they shared with the car maker was compromised following a data breach at a third-party provider. With a revenue of more than $55 billion, the French car maker has 170,000 employees and an annual production output of 2.2 million vehicles. Dacia […]
Tire giant Bridgestone confirms cyberattack impacts manufacturing
Car tire giant Bridgestone confirms it is investigating a cyberattack that impacts the operation of some manufacturing facilities in North America. The company believes that its rapid response contained the attack at its early stages, preventing customer data theft or deep network infiltration. Bridgestone Americas (BSA) is the North American arm of Bridgestone, a Japanese multinational tire manufacturer, the […]
PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements in vehicles from multiple vendors, including Mercedes-Benz AG, Volkswagen, and Skoda. OpenSynergy confirmed the flaws last year in June and released patches to customers in September 2024 but many automakers have yet to […]
Subaru Starlink flaw let hackers hijack cars in US and Canada
Security researchers have discovered an arbitrary account takeover flaw in Subaru’s Starlink service that could let attackers track, control, and hijack vehicles in the United States, Canada, and Japan using just a license plate. Bug bounty hunter Sam Curry revealed on Thursday that the vulnerability was discovered on November 20, 2024, with the help of researcher Shubham Shah. They found […]
Allstate car insurer sued for tracking drivers without permission
Texas Attorney General Ken Paxton has filed a lawsuit against Allstate and its data subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million Americans. The two companies are accused of paying millions of dollars to app developers to embed tracking code in widely used mobile apps to gather the location […]
Auto parts giant LKQ says cyberattack disrupted Canadian business unit
Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. LKQ is a public American company specializing in automotive replacement parts, components, and services to repair and maintain vehicles. The company has 45,000 employees in 25 countries and operates numerous […]
Kia dealer portal flaw could let attackers hack millions of cars
Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. “These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect […]