Jeep and Fiat Face Class Action and Vehicle Recall After Security Researchers Expose Software Flaw
In July, two software researches exposed a security flaw in Jeep Cherokees that showed the vehicle’s computers are susceptible to hackers. The two researchers were able to prevent the vehicle’s brakes from working by hacking into the Cherokee’s computers via the wireless cellular connection.
After the video went viral, Cherokees underwent a 1.4 million-unit vehicle recall, and now, several consumers hope to make the vehicles safer with a class action lawsuit.
The class action lawsuit covers any Fiat or Jeep owners whose cars have a Uconnect system, which allows the consumer’s phone to connect to the vehicle. In response, Fiat claims that they knew about the safety issue, which is why the company failed to alert the National Highway Traffic Safety Commission or their customers, and were working on a fix.
The NHTSA has opened a recall investigation into Fiat Chrysler, manufacturers of Jeep Cherokees among many other vehicles that may have a similar Uconnect problem. Fiat Chrysler said in a statement: it advised NHTSA of the security issue “in a reasonable and timely manner.” The company said it’s “conducting a remedial campaign as a safety recall in the interest of protecting its customers” out of “an abundance of caution.” The company stated that they are also unaware of any injuries or deaths related to the hacking – just the Wired video, which shook the world.
The class action suit was filed by plaintiffs Brian Flynn, and George and Kelly Brown, on behalf of any Fiat Chrysler consumers who may have been put at risk due to the company’s negligence of their customers’ safety. They stated that Fiat Chrysler had been alerted by the two safety researchers about the potential security flaw as early as January 2014, which pointed out the connection between Jeep Cherokee vehicles’ internet entertainment system and the vehicle’s CAN bus, which controls crucial safety features like steering and the brake system.
“The [affected] Vehicles are defectively designed in that essential engine and safety functionality is connected to the unsecure uConnect system through the CAN bus,” the class action complaint reads. “uConnect should be segregated from these other critical systems. There is no good reason for this current design. The risks associated with coupling these systems far outweigh any conceivable benefit.”
“This is the real defect with these vehicles,” the plaintiff’s attorney said in an email statement. “Our goal with this lawsuit is to force Chrysler and Harman to conduct a proper recall where the actual issue is addressed.”
The class action, filed on Tuesday, August 4th, states that Fiat Chrysler’s proposed patch will not solve the underlying problem. “As long as the uConnect system is physically connected to the vehicles’ CAN bus, the potential for vulnerability exists … The overarching defect is a design and system architecture problem in that non-secured systems are coupled with essential engine and safety controls. This is not a software issue.”
The filed class action suit does not seek compensation for those physically injured, but for Fiat Chrysler consumers who may have suffered due to potential fraud on the part of the company. If you would like to learn more about class action lawsuits see our page here.