Fiat Chrysler Cracks Down on Data Violators After Ram/Jeep Theft Ring Bust

Steph Willems
by Steph Willems

A Houston-area vehicle-theft ring that used laptops to enter, then steal, over 100 Jeep and Ram vehicles exposed a serious internal security breach at Fiat Chrysler Automobiles.

Now that two arrests have been made in the case, FCA is talking tough and threatening criminal proceedings against anyone who provides outsiders with key vehicle data, Automotive News reports.

Earlier this year, Houston police noticed a trend in vehicle thefts. Certain Ram and Jeep models disappeared from driveways and garages more than any other model, and a private security camera eventually captured one thief using a laptop to enter a Jeep Wrangler, disable its security system, then drive off.

Suspicion fell on hackers, but FCA’s security head told us last month that the thefts aren’t the result of a purpose-built gadget or device.

“Not just anyone can do that — you need to have access to our systems in order to get the information necessary from each vehicle to marry a key fob,” Titus Melnyk, FCA’s senior manager of security architecture, told TTAC, adding that the thefts were the result of someone “abusing their privileges.”

On Thursday, the automaker updated the terms of use for its internal DealerCONNECT software. FCA now threatens “civil and criminal proceedings” against those who provide outsiders with “key codes, radio codes and other anti-theft or security measures.”

Houston police say the thieves used a laptop, OBD-II plug and software to make off with the vehicles, most of which had crossed the Mexican border by the time their owners noticed them missing.

A FCA spokesperson told the Houston Chronicle that thieves entered the vehicle identification number of a target vehicle into a FCA database to access the code for that vehicle’s key fob. After programming the vehicle’s security system to accept a generic key fob, the Jeep or Ram was theirs for the taking.

The vehicle-theft ring is still active in the Houston area, according to police, and more arrests are likely. Neither the police nor FCA have stated exactly how thieves accessed the automaker’s VIN database.

[Image: Fiat Chrysler Automobiles]

Steph Willems
Steph Willems

More by Steph Willems

Comments
Join the conversation
2 of 15 comments
  • Pragmatist Pragmatist on Aug 28, 2016

    This highlights a problem in security systems in general. For automobiles, where the owner may indeed need access to a car (lost keys etc) some kind of a back door is necessary. And as demonstrates here the back door ultimately is a fatal weakness. But the losses were individual vehicles Yet this is what some in government are trying to push on data encryption. The FBI feels they are entitled to read any communication on demand, but creating a universal back door like that WILL (not 'probably' but definitely) be leaked. Then everyone's communication becomes exposed to hackers, thieves, hostile governments (which could include the US).

  • 1998redwagon 1998redwagon on Aug 29, 2016

    excuse me but this issue can be solved by putting a portion of a 3x5 card over the vin. correct? low tech solution to a high tech problem.

  • MaintenanceCosts It's not a Benz or a Jag / it's a 5-0 with a rag /And I don't wanna brag / but I could never be stag
  • 3-On-The-Tree Son has a 2016 Mustang GT 5.0 and I have a 2009 C6 Corvette LS3 6spd. And on paper they are pretty close.
  • 3-On-The-Tree Same as the Land Cruiser, emissions. I have a 1985 FJ60 Land Cruiser and it’s a beast off-roading.
  • CanadaCraig I would like for this anniversary special to be a bare-bones Plain-Jane model offered in Dynasty Green and Vintage Burgundy.
  • ToolGuy Ford is good at drifting all right... 😉
Next