Laid-off employee uses coworker's password to disable car ignitions remotely

Using a former coworker's account name and password, a laid-off employee from an Austin car dealer remotely disabled the ignition on over 100 cars.

IT pros (assuming they have any) at the Texas Auto Center in Austin learned a valuable lesson in password security this week. According to Wired, an employee who was laid off last month is accused of using a Web-base vehicle immobilization service to disable the ignition system on more than a 100 cars.

The dealership used a system called WebTeck Plus from Pay Technologies (PayTeck). The system allows the dealership to disable vehicles of customers who don't make their monthly payments. The system can also be used to physically locate the vehicle and honk the horn-as a warning shot for nonpayment.

According to various reports, the disgruntled employee's account was disabled when he was let go, but he is accused of using a former coworker's user ID and password to access the system and wreak havoc on the dealership's customers.

I don't know how the ex-employee obtained his coworker's log on credentials. Dealership employees may have freely shared user accounts and passwords with each other. While still employed, the accused individual could have shoulder surfed a coworker while they were logging on. The account credentials could have been written down and stored in an unsecured location. Regardless of how this individual obtained a valid user ID and password, this event is a stark reminder of the very real consequences lax password policies can have.

Check out this video from the local NBC affiliate of an annoyed customer describing her experience.

The following TechRepublic resources can help you create a robust password policy:

By Bill Detwiler

Bill Detwiler is Editor in Chief of TechRepublic and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the ...