After the report in Wired magazine about how two hackers successfully took control of a connected car, a class action lawsuit has been launched in the USA.
The magazine says that, despite the recall of 1.4 million cars, three Jeep Cherokee owners have filing a complaint against both Fiat Chrysler Automobiles and Harman International, the maker of the Uconnect dashboard computer in millions of Chrysler vehicles.
Researchers Chris Valasek and Charlie Miller showed the magazine a security flaw where they used the cellular-connected computer as the entry point for the hack, where they hijacked the steering, brakes and transmission.
Wired reports that, in their complaint against the two companies, plaintiffs Brian Flynn and George and Kelly Brown accuse Chrysler and Harman of fraud, negligence, unjust enrichment and breach of warranty. They point out that Valasek and Miller previously alerted Chrysler to their findings of vulnerabilities and that the hacking represents a serious defect in vehicles Chrysler and Harman knowingly sold to customers. “The [affected] Vehicles are defectively designed in that essential engine and safety functionality is connected to the unsecure uConnect system through the CAN bus,” their complaint reads. “uConnect should be segregated from these other critical systems. There is no good reason for this current design. The risks associated with coupling these systems far outweigh any conceivable benefit.”
The report adds that, in a followup email, the plaintiffs’ attorney Michael Gras emphasized that the suit also seeks an injunction against the companies that would force Chrysler to stage another recall to address those architectural security claims. “There is no good reason for the same vehicle system that runs Pandora to have the capability to talk to the brakes,” Gras writes. “This is the real defect with these vehicles. Our goal with this lawsuit is to force Chrysler and Harman to conduct a proper recall where the actual issue is addressed.”