View Single Post
      05-16-2020, 10:43 PM   #1
Mosely
Lieutenant
Mosely's Avatar
489
Rep
447
Posts

Drives: '18 M2 | '20 X5 | '07 E92
Join Date: Mar 2017
Location: SoCal

iTrader: (0)

Did the BMW Connected App Just Get Majorly Hacked? Answer: No

Was sitting on the couch with the wife watching TV, suddenly she got an alert to her phone from the BMW connected app saying "The panic alarm on your X7 M50i is going off". We don't have an X7...we have an X5 and an M2.

So she logged into the app and now it shows someone else's 330i in Georgia (we live in Texas) as her registered vehicle. She is able to see all the personal information associated with this car, destinations, home address, sync'd calendar events, etc.

I ran outside to make sure our cars were okay (they were). And we logged in and out of the app. Upon logging back in now it shows a 440i from Las Vegas. Again, we can see all the personal information associated with this new car. I had the ability to remote start, unlock, etc....

Tried calling BMW but they're closed. Will update as more happens but this appears to be a major breach of some sort.

Edit: it's back to normal after 15-20 minutes but some of the calendar events and location history etc from other people's accounts are still visible. It also only happened on her iPhone and not to mine on Android.
__________________
IG Photo Gallery:
instagram.com/dr_m2sko/


Last edited by Mosely; 05-17-2020 at 01:35 AM..