Car Hacking = Car Jacking = Lawsuit!!!! That’s all the math we need, and indeed three Fiat Chrysler customers, who have have filed a proposed consumer fraud lawsuit alleging the recent recall of 1.4 million Dodge, Ram and Jeep vehicles for a software patch is not enough to safeguard customers against hacking of uConnect and the 3G “infotainment” systems networked into the vehicles.
Cast your mind back…
“On July 21, 2015, Wired Magazine published an article in which security researchers demonstrated the ability to remotely hack into a 2014 Jeep Cherokee while it was driving on a highway in St. Louis,” the lawsuit states. “They were able to gain access to the vehicle through security vulnerabilities in the uConnect system. Once they were ‘inside,’ the researchers were able to rewrite encoded chips in the uConnect hardware which allowed them to access and issue commands.”
The Fiat Chrysler lawsuit is seeking a court order forcing Fiat Chrysler to physically disconnect the uConnect system from the controller area network, or CAN bus network, that links it to the rest of the vehicles electronics. The plaintiffs claim this is the only way to ensure those other systems are protected from hacking. The complaint also names Harmon International Industries, the maker of the infotainment system, as a defendant.
According to the plaintiffs, hackers could even use uConnect to shut down cars while on the highway, both through the 3G network, which cannot be disconnected, and through the radio, a separate hacking risk that is currently under investigation by the National Highway Traffic Safety Administration. That investigation is looking into an estimated 2.8 million additional vehicles with uConnect from other manufacturers on top of the ones Fiat Chrysler recalled.
The lawsuit contends that Fiat Chrysler was aware of the hacking vulnerability almost 18 months prior the recall, and waiting for the recall to be issued constituted a breach of the company’s responsibilities under the Transportation Recall Enhancement, Accountability and Documentation Act. Further, that wait means Fiat Chrysler cannot be trusted to expeditiously address vulnerabilities found in the future, the complaint states.
“It’s clear the defendant chose to finally update the software only because the flaw was being made public by the security researchers,” the lawsuit states. However, the plaintiffs contend that simply updating the software on affected cars is a complicated process that will not guarantee future safety. Therefore, Fiat Chrysler is liable for fraud for its characterization of the recall as a software issue rather than an inherent vulnerability resulting from the link between uConnect and the other systems, the plaintiffs assert.
“Defendants’ claims that this update makes these vehicles safe are untrue,” the plaintiffs contend. “By inaccurately describing the problem, the defendants are perpetrating a fraud on class members and giving them a false sense of security.” The case is Flynn et al v. FCA US LLC et al, case number 3:15-cv-00855 in the U.S. District Court for the Southern District of Illinois.
Where are those electric self-driven cars they’ve been promising?
Heads Up Soccer Moms! A personal injury and negligence class action lawsuit has been filed on behalf of several current and former soccer players against soccer’s worldwide governing body, FIFA, and affiliated soccer organizations in the United States including U.S. Youth Soccer and American Youth Soccer, leagues responsible for over three million child and adolescent soccer players in the United States, for allegedly failing to incorporate up-to-date guidelines into their concussion policies.
The soccer concussion lawsuit states that no rule limits headers in children’s soccer, and children are often taught to head the ball from the age of three. A dedicated youth player might sustain 1,000 headers per year, and a high school player more than 1,800 headers.
The lawsuit seeks the following:
– Require FIFA and its U.S. affiliates to implement up-to-date guidelines for detection of head injuries and for return to play after a concussion.
– Regulation of heading by players under 14 years old.
– A rule change to permit substitution of players for medical evaluation purposes.
The lawsuit alleges that these groups have failed to adopt effective policies to evaluate and manage concussions, a common occurrence at all levels of the game. They also claim that a lack of effective policies poses a greater danger to women and children players, who are more vulnerable to traumatic and long-lasting brain injury.
Here’s a whopper…A $235 million settlement has been approved, ending a securities class action brought by a pension fund against Citigroup Global Markets Inc., Goldman Sachs & Co. and UBS Securities LLC, over allegations that the Residential Accredit Loans Inc. (RALI) certificates’ seller, Residential Capital, and the underwriter defendants failed to disclose weaknesses in the underlying loans in approximately 59 offerings.
The lawsuit was brought in 2008 by the New Jersey Carpenters Health Fund in New York over the sale of mortgage-backed securities to the fund as well as other investors in several offerings between 2006 and 2007 that were issued and sold by RALI. The class action claimed the prospectuses had material misstatements and omissions.
There are three tiers of putative class members, and the funds will be distributed based on the strength of their claims at the time of settlement.
The case is New Jersey Carpenters Health Fund et al. v. Residential Capital LLC et al., case number 1:08-cv-08781, in the U.S. District Court for the Southern District of New York.
Ok – That’s a wrap folks…See you at the Bar folks!