Particle.news
Download on the App Store
7 ARTICLES
·
7mo ago

Kia Fixes Major Security Flaw Allowing Hackers to Unlock and Start Cars Using License Plates

A vulnerability in Kia's web portal enabled researchers to remotely control connected car features, exposing millions of vehicles to potential theft and privacy breaches.

Overview

  • Kia patched the vulnerability in August after it was disclosed by security researchers in June.
  • The flaw allowed attackers to unlock, start, and track virtually any Kia vehicle made after 2013 using just the license plate number.
  • Researchers exploited a bug in Kia's dealer system API, which failed to verify user permissions properly.
  • The attack also exposed personal information of Kia owners, including names, phone numbers, and vehicle locations.
  • This incident highlights broader concerns about the cybersecurity of connected vehicles and the need for robust protections.