A security researcher hacked into the online dealership portal of a major automaker, exposing significant security flaws that could let malicious hackers gain access to customers' confidential data and allow hackers to unlock cars remotely
Unfettered Access To Customer Data
Eaton Zveare, a security researcher for a software company, stated that he gained access to this confidential information by creating an administrative account on the unnamed automaker's web portal, according to a report by TechCrunch on Sunday.
The flaw could enable hackers to track vehicles, access financial records, and enroll users in programs, allowing them to gain remote access to vehicles, the report stated. Zveare says he does not plan on naming the automaker.
While the researcher admits that gaining access via the bug was difficult, once he found the vulnerability, it allowed him to bypass login checks.
"No one even knows that you're just silently looking at all of these dealers' data, all their financials, all their private stuff, all their leads," Zveare said in the report when describing the flaw.
Zveare described that the portal could let the hacker pair any vehicle with an account, which could let the hacker remotely unlock car doors.
Cyberattacks Stall Car Dealerships
The news comes as cyberattacks on over 15,000 car dealerships last year across the U.S. caused the dealers' services to be disrupted last year, with employees resorting to pen and paper to continue the work.
"Every delivery is being rescheduled to a future date," a dealership employee had shared amid the outage that caused the disruptions.
Crowdstrike Falls, Auto Industry Faces Challenges
Cybersecurity company CrowdStrike Holdings Inc. (NASDAQ:CRWD) shares fell recently, reflecting broader sentiment in the market about the sector, which has been dealing with cautious approaches among some key players.
Addressing cyber vulnerabilities is just another issue for automakers, who have been dealing with a flurry of uncertainties from several factors, including President Donald Trump's tariffs, as well as dwindling sales for companies like Tesla Inc. (NASDAQ:TSLA).
Check out more of Benzinga’s Future Of Mobility coverage by following this link.
Read Next:
Photo courtesy: Shutterstock
