On Wednesday police in Austin, Texas arrested a 20-year old man on suspicion of remotely disabling more than 100 vehicles sold through his former place of employment, Texas Auto Center.
Wired reports that more 100 drivers in Austin had their cars disabled or had their car horns start to honk uncontrollably after an intruder ran amok in a web-based vehicle-immobilization system used by Texas Auto Center.
Webteck Plus, offered by a company called Pay Technologies, is used to remind customers who are late on their car payments that they're falling behind. A small black box is installed under the dashboard and it responds to commands issued from a central website.
When 20-year-old Omar Ramos-Lopez was laid off, he allegedly broke into the system and disabled or tampered with over 100 cars sold through his employer's dealerships.
"We initially dismissed it as mechanical failure," Texas Auto Center manager Martin Garcia said. "We started having a rash of up to a hundred customers at one time complaining. Some customers complained of the horns going off in the middle of the night. The only option they had was to remove the battery."
The problems stopped once the system was reset and all the passwords changed, however, IP logs from PayTeck traced the breach to one Ramos-Lopez’s AT&T internet service. The ex-employee accessed the system through another employees account and began tampering with and disabling vehicles via specific name searches. Once Ramos-Lopez realized he could pull up a list of all the cars equipped with the technology (more than 1,000), he began going down the list, disabling cars in alphabetical order.
The 20-year-old faces computer intrusion charges for gaining unauthorized access to the system.