Researchers Hacked California's Digital License Plates, Gaining Access to GPS Location and User Info
hubie writes:
Cybersecurity researchers managed to hack into California's new digital license plates, which are sold and managed by tech company Reviver. The digital plates, called Rplates, went on sale in California late last year, but it was only a matter of time before hackers found a backdoor into Reviver's systems.
Luckily, the white hats got there first by gaining full "super administrative access" via the Reviver website, according to Vice. This allowed the team of researchers to track the location of all cars using the plates, access all user records and even change some of the text shown on the digital plate displays.
[...] Even so, the bug found on the Reviver site could've given someone an alarming amount of information and control over the digital plates. As Curry notes, Reviver patched the bug within 24 hours after it was reported; the company shared a statement with Jalopnik saying a subsequent investigation found that the "potential vulnerability" had not been misused, nor had any user data been leaked.
For the unaware (as I was), a digital license plate is an IoT-enabled ePaper display that replaces the stamped metal plate on your car where the user can apparently use their online account to change the look of the plate and the cheeky message displayed at the bottom. What I couldn't find was any compelling reason why I would want to spend my own money to get one.
Read more of this story at SoylentNews.