Xc40 broken into without key

[JFDIT]

And it was a kid on a bike, who didn't steal the car. We don't know if they have recently traded in their mobile phones...

[Andy40]

Call me a syndic, but someone registers to post this thread and isn’t coming back with replies etc…. Hmmmmm

[OxfordT]

Contacted the local dealer and basically not very helpful. They can’t interrogate diagnostically what was triggered within the control units other than if the alarm went off (if didn’t), they are not aware if any such issues and after asking what should I do if if happens again the service associate said he couldn’t comment. I have changed the password on the Volvo app. To be honest I have had a lot of software issues and poor analysis with this car plus a recall. Add this issue to the mix and I don’t think I’ll be a returning customer. I am 1 year into a 3 year lease and seriously considering cancelling the 2nd or 3rd year at a 40% cost to myself.

[Felindre]

OK I tried this, yes if you unlock from the app it says press the boot button and the whole car unlocks. So it has to be how the lad was able to access the app, shared a password ?

[steveg999]

Without a key the car can be unlocked using Volvo Cars app. First the tailgate is unlocked with no lights flashing and only after the tailgate opening switch is pushed manually will the driver’s door unlock. At request Volvo should be able to pull the logs both from the car and its app servers to figure out what happened.

Make sure to use a unique and hard to guess password for Volvo ID because login security is weak, there’s no two factor authentication (2FA) and no notifications for new logins. Someone with access to Volvo ID user name and password can log into Volvo Cars App on any new device, find the car’s position on the map, unlock it and start the engine. Fortunately, the car can’t be moved without the key.

If my car is anything to go by, the app will conclude the car is offline very quickly and that, too, won't be an option to unlock. Yep, just checked - used the car and home by 14:00: car is now showing offline so I couldn't unlock if I wanted to

[eugen61]

My MY2020 goes offline after 5 days of not being used. During those 5 days I can unlock the car or start the engine remotely from the app.

[eugen61]

OK I tried this, yes if you unlock from the app it says press the boot button and the whole car unlocks. So it has to be how the lad was able to access the app, shared a password ?

Username & password combos on weak security websites can be accessed by hackers. People reusing the same username & password pairs on multiple website logins could be at risk. You can check if a username was in a data breach: https://haveibeenpwned.com

[OxfordT]

To be fair the police have spoken to me on the phone and they were surprised how effortlessly the person entered the car. He did suggest a battery operated motion detector so I have purchased one off Amazon for £20.00.

[JFDIT]

Have you traded in, lost or had a mobile phone repaired recently? Are you Android or Apple?

[Cro]

Contacted the local dealer and basically not very helpful. They can’t interrogate diagnostically what was triggered within the control units other than if the alarm went off (if didn’t), they are not aware if any such issues and after asking what should I do if if happens again the service associate said he couldn’t comment. I have changed the password on the Volvo app. To be honest I have had a lot of software issues and poor analysis with this car plus a recall. Add this issue to the mix and I don’t think I’ll be a returning customer. I am 1 year into a 3 year lease and seriously considering cancelling the 2nd or 3rd year at a 40% cost to myself.

I'd message Volvo HQ and ask them to take a look at the logs they received from the car at that time.