Cyberattack disrupts vehicle breathalyser systems, leaving drivers stranded across the US

A cyberattack targeting a U.S.-based vehicle breathalyser company has left drivers across the country unable to start their cars, causing widespread disruption.

Intoxalock, the company affected, said on its website that it is “currently experiencing downtime” following a cyber incident that occurred on March 14. The company manufactures ignition interlock devices — breathalysers installed in vehicles that require drivers to provide a clean breath sample before the engine can start. These systems are commonly used by individuals mandated to use them as part of legal or regulatory requirements.

Rachael Larson, a spokesperson for Intoxalock, confirmed that the company had experienced a cyberattack. She explained that, in response, the company took precautionary measures by temporarily shutting down parts of its systems. According to Larson, these steps were intended to limit potential damage and protect the integrity of the company’s infrastructure.

A key issue stemming from the disruption is the company’s inability to perform routine calibrations for its devices. These breathalyser systems require periodic recalibration to function properly, typically every few months. Due to the cyberattack, Intoxalock has been unable to implement these updates, resulting in delays and malfunctions for users whose devices are due for maintenance.

As a result, many drivers have found themselves unable to start their vehicles. Reports shared on Reddit indicate that if a calibration deadline is missed, the system can prevent the vehicle from starting, effectively locking drivers out of their cars.

Local news outlets have reported similar incidents across several states. In Maine, drivers have faced lockouts, with some unable to operate their vehicles at all. An auto repair shop in Middleboro, Massachusetts, told WCVB 5 in Boston that multiple vehicles have been parked at its facility for days due to the issue.

The impact appears to be widespread, with reports coming from multiple regions, including New York and Minnesota. Drivers in these areas have experienced similar problems, with their vehicles rendered inoperable due to the inability to complete required device calibrations.

Intoxalock has not disclosed specific details about the nature of the cyberattack. The company declined to confirm whether the incident involved ransomware, a data breach, or any communication from the attackers, such as ransom demands. According to its website, Intoxalock operates in 46 U.S. states and provides services to approximately 150,000 drivers annually. Despite the scale of the disruption, the company has not yet provided an estimated timeline for when systems will be fully restored or when normal service will resume.