Skip to main content
close search
site logo
Dive Brief

Flaw in Hyundai mobile app opened door to vehicle theft

Published April 26, 2017
Peter Adams's headshot
Senior Reporter
HyundaiUSA

Dive Brief:

  • A flaw in a December update to Hyundai's Blue Link mobile app doubled as an opportunity for tech-savvy vehicle thieves to track down, unlock and start connected vehicles, according to the cybersecurity firm Rapid7 Inc. and as reported by Reuters in U.S. News & World Report. The bug existed for three months before being squashed in March, though no reports of actual vehicle theft are apparent at this time. 

  • Blue Link is Hyundai's connected car software that gathers information and reports on a car's health and also has the ability to remote start, stop and unlock vehicles. It can be linked with a vehicle through the mobile app, smartwatches and even an Amazon Alexa skill
  • Hyundai confirmed the bug's existence and the U.S. Department of Homeland Security sent out an advisory about it on Tuesday. "The issue did not have a direct impact on vehicle safety," Jim Trainor, a spokesman for Hyundai Motor America, told Reuters in a statement. "Hyundai is not aware of any customers being impacted by this potential vulnerability."

Dive Insight:

It's easy to forget that, amid waves of hype for a more connected world, the "connected" half of the equation means the internet is involved and the risk factor for cybersecurity attacks remains high. The Blue Link bug follows a mass Fiat Chrysler recall in 2015, where 1.4 million cars were pulled from the market after researchers demonstrated they could take remote control of a fast-moving Jeep, per Reuters. 

Hyundai might actually come out of the situation relatively unscathed, as there are no notable reports of the Blue Link bug being exploited, but the fact that the issue wasn't addressed for three months suggests a pretty big PR and security disaster bullet was dodged. 

More automakers are turning to branded mobile apps like Blue Link and other third-party connected technologies in order to enhance the driver experience and build more robust infotainment systems. Earlier this week, Mercedes-Benz partnered with both Google and Amazon to bring the companies' respective voice-activated digital assistants to its 2016 and 2017 models.

The Blue Link news might give others eager to dive into the IoT car space a measure of pause, however. It could also encourage automakers to partner more with Apple or Android, which have their own in-car software services and also are more experienced in addressing internet security issues. 

Recommended Reading

Editors' picks

Company Announcements

View all | Post a press release
The Media Image Named Among Europe’s Long-Term Growth Champions by Financial Times
From The Media Image
November 01, 2024
DAIVID Launches AI-Powered Solution That Predicts Attention, Emotions, Memory and Brand Impact…
From DAIVID
October 29, 2024
New Creepy Clown Campaign From Six Flags Is The Scariest Ad Of All Time, According To New AI R…
From DAIVID
October 30, 2024
Invoca State of AI Report: 80% of B2C Marketers Say AI Tools Exceeded ROI Expectations in 2024
From Invoca
November 14, 2024
Editors' picks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell