Fiat Chrysler Cracks Down on Data Violators After Ram/Jeep Theft Ring Bust
A Houston-area vehicle-theft ring that used laptops to enter, then steal, over 100 Jeep and Ram vehicles exposed a serious internal security breach at Fiat Chrysler Automobiles.
Now that two arrests have been made in the case, FCA is talking tough and threatening criminal proceedings against anyone who provides outsiders with key vehicle data, Automotive News reports.
Earlier this year, Houston police noticed a trend in vehicle thefts. Certain Ram and Jeep models disappeared from driveways and garages more than any other model, and a private security camera eventually captured one thief using a laptop to enter a Jeep Wrangler, disable its security system, then drive off.
Suspicion fell on hackers, but FCA’s security head told us last month that the thefts aren’t the result of a purpose-built gadget or device.
“Not just anyone can do that — you need to have access to our systems in order to get the information necessary from each vehicle to marry a key fob,” Titus Melnyk, FCA’s senior manager of security architecture, told TTAC, adding that the thefts were the result of someone “abusing their privileges.”
On Thursday, the automaker updated the terms of use for its internal DealerCONNECT software. FCA now threatens “civil and criminal proceedings” against those who provide outsiders with “key codes, radio codes and other anti-theft or security measures.”
Houston police say the thieves used a laptop, OBD-II plug and software to make off with the vehicles, most of which had crossed the Mexican border by the time their owners noticed them missing.
A FCA spokesperson told the Houston Chronicle that thieves entered the vehicle identification number of a target vehicle into a FCA database to access the code for that vehicle’s key fob. After programming the vehicle’s security system to accept a generic key fob, the Jeep or Ram was theirs for the taking.
The vehicle-theft ring is still active in the Houston area, according to police, and more arrests are likely. Neither the police nor FCA have stated exactly how thieves accessed the automaker’s VIN database.
[Image: Fiat Chrysler Automobiles]
More by Steph Willems
Latest Car Reviews
Read moreLatest Product Reviews
Read moreRecent Comments
- Harry HOW i RECOVER MY LOST OR STOLEN FUNDS:You should gather and document all relevant details about the theft, such as transaction IDs, wallet addresses, and any communication with the scammer if any, and then proceed to message SYLVESTER. G. BRYANT to get back your lost/ stolen funds by sharing the evidence you've compiled. he was the only one who was able to recover my funds I was so surprised he got back my money worth $52k but glory be to God and all thanks to him.. here is his contact below: Instagram: Yt7crackerszEmail: Yt7crackersz@ gmail,com
- Daniel J I had read an article several years ago that one of the issues that workers were complaining about with this plant is that 1/3 of the workforce were temporary workers. They didn't have the same benefits as the other 2/3 of the employees. Will this improve this situation or make it worse? Do temporary workers get a vote?I honestly don't care as long as it is not a requirement to work at the plant.
- Kosmo Tragic. Where in the name of all that is holy did anybody get the idea that self-driving cars were a good idea? I get the desire for lane-keeping, and use it myself, occasionally, but I don't even like to look across the car at my passenger while driving, let along relinquish complete control.
- Bof65705611 There’s one of these around the corner from me. It still runs…driven daily, in fact. That fact always surprises me.
- Master Baiter I'm skeptical of any project with government strings attached. I've read that the new CHIPS act which is supposed to bring semiconductor manufacturing back to the U.S. is so loaded with DEI requirements that companies would rather not even bother trying to set up shop here. Cheaper to keep buying from TSMC.
Comments
Join the conversation
This highlights a problem in security systems in general. For automobiles, where the owner may indeed need access to a car (lost keys etc) some kind of a back door is necessary. And as demonstrates here the back door ultimately is a fatal weakness. But the losses were individual vehicles Yet this is what some in government are trying to push on data encryption. The FBI feels they are entitled to read any communication on demand, but creating a universal back door like that WILL (not 'probably' but definitely) be leaked. Then everyone's communication becomes exposed to hackers, thieves, hostile governments (which could include the US).
excuse me but this issue can be solved by putting a portion of a 3x5 card over the vin. correct? low tech solution to a high tech problem.