Intoxalock Restores Service After Hack Left Drivers Unable to Start Cars Across 46 States

What happened

Intoxalock restored service after a hack left drivers unable to start cars across 46 states following a March 14 cyber event that disrupted parts of the company’s systems. The company said it temporarily paused some systems as a precaution and took immediate action to secure its network and protect the integrity of its systems and data. The disruption affected installations, calibrations, removals, account access, and service center support. Intoxalock said the devices themselves remained fully operational, but customers who were required to calibrate their device were impacted because the calibration process depends on an advanced calibration system. The company said it developed a new system app for calibration devices and coordinated with state regulators to provide a temporary solution. It also said systems were restored late Sunday.

Who is affected

The direct impact fell on Intoxalock customers across 46 states, particularly drivers whose devices required calibration. The disruption also affected installation stations and service centers handling installations, removals, calibrations, and related support, while compliance-related obligations were also affected for some users.

Why CISOs should care

This incident shows how a cyber event affecting supporting systems can disrupt a safety technology service even when the core devices remain operational. The business relevance is immediate because the outage affected regulated workflows, customer mobility, service delivery, and coordination with regulators across multiple states.

3 practical actions:

1. Prioritize dependency mapping: Identify which customer-facing or regulated services depend on connected support systems so leaders understand where a systems outage can interrupt operations even when the core product still functions.
2. Prepare temporary operating workarounds: Build and pre-approve fallback processes with regulators, service partners, and frontline teams for incidents that interrupt calibrations, account access, or other required compliance services.
3. Align customer remediation early: Make fee waivers, service extensions, and surge support part of the incident response plan when disruption affects users’ ability to meet service or compliance requirements.

For more coverage of major incidents and threat activity, explore our reporting on Cyberattacks.