Security Vulnerability Prompts Nissan Leaf App Shutdown

February 26th, 2016  |  Canadian Business

The computerization of consumer vehicles is opening doors for all sorts of revolutionary ways to interact with a car. Unfortunately these doors don’t always have the greatest locks.

The Nissan Leaf is the latest vehicle to have a cyber security scare after a security researcher figured out how to access any Leaf’s climate control system and trip logs using an exploit in the NissanConnect EV companion app. Autoblog reported on the shutdown earlier this week, clarifying exactly what the vulnerabilities are and what makes this different than previous cases of car hacking.

The main difference is the ease at which the vulnerability could be exploited. In order to gain access all a hacker would need to do is find your Leaf’s vehicle identification number and some basic app development skills. Once they had access they could then crank up the AC or heat, draining your battery or just making your car extremely uncomfortable. Somewhat more concerning is that once accessing a vehicle through the app they could also view location data from recent trips.

While there is no vulnerability to critical safety systems, Nissan is taking the security flaw seriously enough to shut down the app until they figure out a way to fix it.