In a shocking revelation, cybersecurity researchers have unearthed serious vulnerabilities in Subaru's web portal that could potentially allow hackers to unlock, start, and track millions of vehicles. According to a report by Wired, these alarming security gaps were initially identified by security experts Sam Curry and Shubham Shah over a year ago.

After conducting their investigation, the researchers reported their findings to Subaru, who has since patched these vulnerabilities. However, Curry and Shah warn that simply fixing these issues is merely a temporary fix to a much larger crisis affecting the automotive industry as a whole.

Using a test vehicle, the researchers successfully accessed the company’s employee web portal. This not only enabled them to remotely start the vehicle but also provided real-time tracking capabilities along with access to a year’s worth of location data. This kind of information poses significant risks. As Curry pointed out, “Whether somebody’s cheating on their wife or getting an abortion or part of some political group, there are a million scenarios where you could weaponize this against someone.” Such data exploitation echoes concerns regarding privacy and safety in a technology-driven world.

This discovery raises critical questions about the security protocols in place within connected vehicles. The researchers further emphasized that the vulnerabilities they identified are not isolated to Subaru alone; similar web-based flaws have been found in several other major automotive brands, including Acura, Genesis, Honda, Hyundai, Infiniti, Kia, and Toyota.

As vehicles continue to become increasingly interconnected, the urgency for robust cybersecurity measures cannot be overstated. Experts caution that as long as employees have access to sensitive data, the risk of evolving hacking methods remains a constant threat.

As the automotive industry wrestles with these significant security challenges, consumers are left wondering: how safe is your connected car? Stay alert and informed, as this ongoing battle against cyber threats is far from over!