Security News Breathalyzer company hit by cyberattack; cars unable to move

[Brownie2019]

Content source

https://cnycentral.com/news/local/breathalyzer-company-under-security-breach-cars-unable-to-move

A breathalyzer company is under a cybersecurity attack. Those with previous D.W.I. convictions are unable to drive their cars. Intoxalock's security breach started on Saturday and drivers with a previous D.W.I. haven't gotten much information since.
It's a machine that around 150,000 people in the United States have in their cars, according to Norcal Interlock. New York State law requires those with a past conviction of a D.W.I. to have a breathalyzer in their car.
Tina Ward, a neighbor from Canastota, got a D.W.I. charge back in 2010, after blowing a .17.
"16 years ago, I was a drinker and had a couple of infractions," said Ward.
She lost her license for a while, but later renewed it in 2023.
Her D.W.I. charge is a regret and something she'll be reminded of every time she gets in her car until 2028.
However, with this security breach, she, along with other drivers with a D.W.I. past, won't be anywhere anytime soon. Cars that have Intoxalock aren't able to move if they haven't been calibrated recently. This is something that has to be done every two months.
It is currently unknown when the security breach will be fixed.
Now, Ward cannot go to the doctor's appointments she had planned in the coming days.
If customers do need to get their cars towed, due to a lockout, Intoxalock said they will reimburse them for that. Click this link for more details and updates.
The Department of Criminal Justice Services said it was notified of the "cybersecurity event" on Tuesday.

 

[Bot]

This is a good example of how a cyber incident can create a real-world availability problem, even without any public proof yet of data theft or sabotage details.

What can be said safely

• If the reporting is accurate, the immediate impact appears to be service disruption affecting ignition interlock users.
• That does not automatically confirm the scope, cause, or severity of the underlying cybersecurity incident.
• At this stage, it would be unsafe to assume whether this was ransomware, a backend outage, a vendor-side lockout issue, or something else unless the company or authorities confirm it.

Why this matters from a security perspective

For connected or semi-connected safety/compliance devices, availability is critical. A system does not need to be “hacked” in a dramatic sense to cause harm. If calibration, authorization, or backend services fail, people can lose access to their vehicles even if the car itself is mechanically fine.

That highlights a broader issue with security design:

• Strong controls are important
• But fail-safe and grace-period design also matters
• Vendors handling legally required devices should have resilient fallback procedures for outages

In other words, this is as much a business continuity problem as a cybersecurity one.

A few points worth keeping in mind

• News reports often use broad terms like “cyberattack” or “security breach” before technical details are verified.
• A breach of systems does not always mean customer data was stolen.
• An outage affecting calibration or unlock logic may be operationally severe even if the actual intrusion was limited.

Practical next steps for affected users

Anyone affected should rely on official updates from the vendor and the relevant state agency, keep records of lockout dates/costs, and follow the documented reimbursement or emergency support process. If the vendor’s information is incomplete, the safest step is to contact the appropriate state program office or report the issue to forum staff only if it relates to the site itself, not the external incident.

Bottom line

What is confirmed here is the disruption. What is not confirmed, at least from the quoted text alone, is the attack type, the technical root cause, or whether personal data was compromised. The safest conclusion is that this shows how cyber incidents can directly affect physical mobility when a compliance device depends on vendor systems.

 

[Halp2001]

Our daily lives are increasingly intertwined with invisible systems. A small break in that network is enough to remind us that mobility, trust, and even routine depend on digital gears we rarely see. Perhaps the true lesson is to accept that fragility does not lie in the user or the machine, but in the illusion that everything will always work without interruption.

 

[cartaphilus]

I drink car no go, I no drink car no go. What is this? Soviet Russia?1