BMW, Mini & Rolls-Royce Owners Alert: Critical Security Flaw Exposes 12 Million Cars to Theft
BMW Security Crisis: 12 Million Cars Exposed to Theft

Millions of British motorists are facing an unprecedented security crisis as cybersecurity experts uncover a critical vulnerability affecting BMW, Mini, and Rolls-Royce vehicles. The shocking revelation exposes approximately 12 million cars worldwide to potential theft through a sophisticated hacking technique.

The Alarming Discovery

Researchers from TU Dresden have identified a devastating security gap in the BMW operating system 7 (OS7) used in models produced between 2018 and 2022. This isn't just a minor glitch – it's a fundamental flaw in the very technology designed to protect your vehicle.

How the Attack Works

The attack method, known as a "Rolling Pause attack," targets the ultra-wideband (UWB) radio technology in modern keyless entry systems. Here's what makes it particularly concerning:

  • No physical access needed: Thieves can intercept signals without touching your key fob
  • Remote exploitation: The vulnerability can be exploited from a distance
  • Sophisticated technique: Uses custom hardware to manipulate security protocols

Which Vehicles Are Affected?

The vulnerability impacts numerous popular models across the BMW Group portfolio:

  • BMW iX, i4, 5 Series, 7 Series, X3, X5, X6, X7
  • Mini Hatch, Clubman, Countryman
  • Various Rolls-Royce models
  • Vehicles equipped with BMW OS7 and compatible key fobs

Immediate Protection Measures

While BMW is reportedly working on a security patch, owners need to take immediate action to protect their vehicles:

  1. Use Faraday pouches: Store your key fobs in signal-blocking containers
  2. Disable convenience features: Turn off automatic unlocking in vehicle settings
  3. Physical security: Consider additional steering locks and security systems
  4. Parking precautions: Choose well-lit, secure areas whenever possible

Industry-Wide Implications

This discovery raises serious questions about vehicle cybersecurity across the automotive industry. As cars become increasingly connected, the potential for digital theft methods grows exponentially. Manufacturers are now under pressure to prioritise security in their digital infrastructure.

The National Cyber Security Centre (NCSC) has been notified of the vulnerability, and owners of affected vehicles are urged to remain vigilant and implement protective measures immediately.