Electricity Forum

SIDNEY - - An Australian security researcher has discovered an app used by owners of NissanÂ’s Leaf electric cars can be easily hacked, allowing the carÂ’s heating and air-conditioning systems to be hijacked as well as learning data about driversÂ’ recent journeys, a BBC News report said.

Troy Hunt reported the flaw after reporting it to Nissan, giving the company a month to fix the issue before making the flaw public. Nissan said it could not yet comment.

Although the problem is not life-threatening, Hunt told BBC News, hackers can still take advantage of the NissanConnect appÂ’s vulnerability to cause mischief by running down peopleÂ’s batteries, the report said.

"The right thing to do at the moment would be for Nissan to turn it off altogether," Hunt told the BBC. “They are going to have to let customers know. And to be honest, a fix would not be hard to do. It's not that they have done authorization [on the app] badly, they just haven't done it at all, which is bizarre."

To confirm the problem existed, Hunt used the VIN number of a Nissan Leaf-owning acquaintance based in the UK, the report said.

"I was sat in the vehicle with everything powered off and didn't have my key on me," recalled Scott Helme, who is also a cybersecurity adviser.

"So, the vehicle was as it would be if it was completely unattended.

"As I was talking to Troy on Skype, he pasted the web address into his browser and then maybe 10 seconds later I heard an internal beep in the car.