Sign in / up

back to article Used cars? Try used car accounts: 15,000 up for grabs online at just $2 a pop

Researchers have found almost 15,000 automotive accounts for sale online and pointed at a credential-stuffing attack that targeted car makers. The team at Kasada did not name the car manufacturers in question, only saying that the first 10,000 accounts "targeted a single, large European automotive manufacturer with motorists …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. jmch
    Boffin

    Dealership questions....

    Seems like rather than

    - how many miles to the gallon?

    - what's the horsepower?

    - does it have <optional extra>??

    customers should be asking

    - does it work without an account?

    - what data does it store and send?

    - how can I stop it collecting / sending data?

    15 0 Reply
    1. Roland6 Silver badge
      Reply Icon

      Re: Dealership questions....

      For used vehicles Customers should be asking

      - how do I take over the existing account?

      It was a learning experience trying to do this for a Vauxhall I purchased outside of the Vauxhall dealer network, possessing the V5C was not sufficient…

      5 0 Reply
    2. PRR Silver badge
      Reply Icon

      Re: Dealership questions....

      > ....customers should be asking .... - does it work without an account? ..... - what data does it store and send? .... - how can I stop it collecting / sending data?

      Yes, yes yes.

      And sadly, the dealer may not know. These data-back systems are new and still evolving. Asking an owner of a 2022 RAV4 may not reveal all about my 2023 RAV4. Even the different trim levels get different connection features.

      2 0 Reply
  2. The Oncoming Scorn Silver badge
    Holmes

    Hmmmm

    Just as a precaution I think I'l cover the VIN\ Barcode thats mounted into the dash at the bottom of the windscreen.

    2 0 Reply
    1. Anonymous Coward
      Reply Icon
      Anonymous Coward

      Re: Hmmmm

      Exactly. The VIN is visible to every man and his dog at the bottom of the windscreen, and the make and model of a car is usually advertised prominently on the outside of the car. So what exactly can criminals do with this public information? If it's something significant then tell us what it is and start organising a movement to get laws changed!

      3 0 Reply
      1. Great Bu
        Reply Icon

        Re: Hmmmm

        But to get that data you have to physically go and look at every car, not just buy 15,000 numbers online.....also I am guessing the data may well have other identifiers linked to it such as owner details or email addresses.

        5 0 Reply
        1. John Brown (no body) Silver badge
          Reply Icon

          Re: Hmmmm

          Put a high-vis vest on so you look like you are supposed to be there and just walk around any car park taking photos of the VINs and reg plates, simples! Of course, tying that to an address and owner is a little more difficult. You'd need to set up a "parking enforcement" company and then pay 20p per look-up or whatever it is to get info from DVLA.

          2 0 Reply
      2. hoola Silver badge
        Reply Icon

        Re: Hmmmm

        It is easier to obtain and if it already includes other useful data it worth their while.

        Sure, anyone can get a VIN but that involves going out and wandering round car parks with a camera. Most are infested with CCTV. This way they don't have to open the front door.

        0 0 Reply
  3. Anonymous Anti-ANC South African Coward Silver badge

    All your VIN are belong to us

    0 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like