TL;DR

  • A cyberattack on Intoxalock locked 150,000 drivers out of their vehicles across 46 U.S. states [1]
  • The attack disrupted vehicle calibration systems, leaving drivers stranded and unable to work [1]
  • Connected IoT devices like breathalyzers, smart locks, and industrial sensors are single points of failure for business operations
  • Businesses relying on third-party connected devices need vendor risk assessments and continuity plans
  • This isn't just about data theft — operational disruption is the real threat to IoT-dependent businesses

From Annoyance to Business Crisis: When Connected Devices Go Offline

On March 14, 2026, Intoxalock — a company that makes vehicle breathalyzers for court-ordered ignition interlock systems — discovered it had been hit by a cyberattack [1]. The company, which serves 150,000 drivers daily across 46 states, took its systems offline as a precaution [1].​‌‌​‌​​‌‍​‌‌​‌‌‌​‍​‌‌‌​‌​​‍​‌‌​‌‌‌‌‍​‌‌‌‌​​​‍​‌‌​​​​‌‍​‌‌​‌‌​​‍​‌‌​‌‌‌‌‍​‌‌​​​‌‌‍​‌‌​‌​‌‌‍​​‌​‌‌​‌‍​‌‌​​​‌‌‍​‌‌‌‌​​‌‍​‌‌​​​‌​‍​‌‌​​‌​‌‍​‌‌‌​​‌​‍​‌‌​​​​‌‍​‌‌‌​‌​​‍​‌‌‌​‌​​‍​‌‌​​​​‌‍​‌‌​​​‌‌‍​‌‌​‌​‌‌‍​​‌​‌‌​‌‍​‌‌​‌​​‌‍​‌‌​‌‌‌‌‍​‌‌‌​‌​​‍​​‌​‌‌​‌‍​‌‌​​​‌​‍​‌‌‌​‌​‌‍​‌‌‌​​‌‌‍​‌‌​‌​​‌‍​‌‌​‌‌‌​‍​‌‌​​‌​‌‍​‌‌‌​​‌‌‍​‌‌‌​​‌‌‍​​‌​‌‌​‌‍​‌‌​‌​​‌‍​‌‌​‌‌​‌‍​‌‌‌​​​​‍​‌‌​​​​‌‍​‌‌​​​‌‌‍​‌‌‌​‌​​

The result? Driv

ers across America couldn't start their cars.

These breathalyzers require regular calibration every few months. When the cyberattack knocked out Intoxalock's calibration systems, vehicles whose devices were due for service simply wouldn't start [1]. Drivers posted on Reddit about being locked out of their vehicles, unable to get to work, appointments, or family obligations [1]. Auto shops reported cars parked in lots all week, waiting for systems to come back online [1].​‌‌​‌​​‌‍​‌‌​‌‌‌​‍​‌‌‌​‌​​‍​‌‌​‌‌‌‌‍​‌‌‌‌​​​‍​‌‌​​​​‌‍​‌‌​‌‌​​‍​‌‌​‌‌‌‌‍​‌‌​​​‌‌‍​‌‌​‌​‌‌‍​​‌​‌‌​‌‍​‌‌​​​‌‌‍​‌‌‌‌​​‌‍​‌‌​​​‌​‍​‌‌​​‌​‌‍​‌‌‌​​‌​‍​‌‌​​​​‌‍​‌‌‌​‌​​‍​‌‌‌​‌​​‍​‌‌​​​​‌‍​‌‌​​​‌‌‍​‌‌​‌​‌‌‍​​‌​‌‌​‌‍​‌‌​‌​​‌‍​‌‌​‌‌‌‌‍​‌‌‌​‌​​‍​​‌​‌‌​‌‍​‌‌​​​‌​‍​‌‌‌​‌​‌‍​‌‌‌​​‌‌‍​‌‌​‌​​‌‍​‌‌​‌‌‌​‍​‌‌​​‌​‌‍​‌‌‌​​‌‌‍​‌‌‌​​‌‌‍​​‌​‌‌​‌‍​‌‌​‌​​‌‍​‌‌​‌‌​‌‍​‌‌‌​​​​‍​‌‌​​​​‌‍​‌‌​​​‌‌‍​‌‌‌​‌​​

Intoxalock hasn't disclosed whether this was ransomware, data theft, or another type of attack. They also haven't provided a recovery timeline [1]. But the business impact is clear: when your operations depend on connected devices, a cyberattack on your vendor becomes your crisis.

Related: AI Ransomware Gap: How Attackers Are Using AI Against Businesses

The Hidden Risk in Your Supply Chain: IoT and OT Dependencies

The Intoxalock attack exposes a vulnerability that many businesses overlook: operational technology (OT) and Internet of Things (IoT) dependencies in your supply chain.

IoT devices are everyday objects connected to the internet — smart thermostats, security cameras, inventory sensors. Operational technology refers to computing systems that control physical processes and machinery — everything from manufacturing assembly lines to vehicle ignition systems.

When these devices depend on cloud services or third-party platforms, your business inherits their cybersecurity risks. According to Gartner, by 2026, 75% of organizations will have experienced one or more attacks on their IoT/OT systems [2]. The problem? Most businesses don't even know they're exposed until something breaks.

Consider your own dependencies:

  • Does your building access control system connect to a cloud platform?
  • Do your delivery vehicles use telematics or GPS tracking services?
  • Do your industrial machines rely on remote monitoring or predictive maintenance platforms?
  • Do your customers use connected devices that integrate with your services?

If any of these systems go offline due to a cyberattack, your operations don't just slow down — they stop.

Why This Attack Was Different: Operational Disruption, Not Data Theft

Most cybersecurity coverage focuses on data breaches — stolen credit cards, exposed personal information, leaked emails. But the Intoxalock attack highlights a different and arguably more damaging threat: operational disruption.

According to IBM's 2025 Cost of a Data Breach Report, the average cost of a data breach is $4.88 million globally [3]. But operational disruption from IoT/OT attacks can be far more expensive because it directly halts revenue-generating activities.

In Intoxalock's case:

  • Drivers couldn't work, meaning lost wages and potential job losses [1]
  • Auto shops had inventory tied up in undeliverable vehicles [1]
  • Court-ordered compliance requirements couldn't be met, creating legal liabilities for drivers [1]
  • The company's reputation takes a hit, potentially affecting future contracts [1]

The World Economic Forum's 2025 Global Risks Report identifies "technological disruption to critical operations" as a top-five risk to businesses over the next two years [4]. Unlike data breaches, which can be insured against and managed with credit monitoring, operational disruption has no quick fix.

The Single Point of Failure: Why Vendor Diversity Matters

The Intoxalock situation reveals another risk: single points of failure in critical infrastructure.

When you depend on one vendor for a critical business function, you're not just trusting their cybersecurity — you're betting your business continuity on it. NIST's Cybersecurity Framework emphasizes the importance of supply chain risk management, but many SMBs lack the resources to audit every vendor's security posture [5].

According to a 2025 survey by Ponemon Institute, 62% of data breaches involve a third-party vendor [6]. Yet only 35% of businesses maintain an inventory of their third-party IoT/OT dependencies [7]. This gap is where attacks like the Intoxalock incident slip through.

For SMBs, the lesson isn't "never use connected devices" — it's "know what you're depending on and have a backup plan."

How to Protect Your Business from IoT/OT Supply Chain Attacks

You can't eliminate third-party risk, but you can manage it. Here's a practical framework:

1. Map Your IoT/OT Dependencies

List every connected device or operational system that your business depends on. Include:

  • Building systems (HVAC, access control, security)
  • Vehicle and fleet management systems
  • Industrial machinery with remote monitoring
  • Customer-facing connected devices
  • Cloud-based calibration or maintenance services

2. Classify by Criticality

Not all dependencies are equal. Ask: "If this system went offline for 72 hours, what's the worst-case scenario?" Prioritize vendor assessments for systems that would halt operations or create safety hazards.

3. Demand Vendor Transparency

Before signing with any IoT/OT vendor, ask:

  • What cybersecurity frameworks do you follow? (NIST, ISO 27001, IEC 62443)
  • How do you detect and respond to security incidents?
  • What's your recovery timeline for critical systems?
  • Do you offer service level agreements (SLAs) with cyberattack exclusions?
  • Can you provide evidence of independent security audits?

If a vendor can't answer these questions, that's a red flag.

4. Build Redundancy Where Possible

For critical systems, identify backup vendors or manual workarounds. If your access control provider goes offline, do you have physical keys? If your telematics system is down, can your drivers log mileage manually? Redundancy is expensive, but downtime is more expensive.

5. Include Cyberattack Clauses in Contracts

Your vendor contracts should specify:

  • Notification timelines for security incidents (ideally within 24 hours)
  • Compensation for business disruption caused by vendor cyberattacks
  • Data ownership and recovery responsibilities
  • Right to audit security practices (for critical vendors)

The International Association of Privacy Professionals (IAPP) recommends that SMBs treat vendor cyber risk like legal risk — build it into contracts, don't just assume it's covered [8].

6. Test Your Continuity Plans

Run tabletop exercises simulating vendor outages. What happens if your building management system is down for a week? Your fleet telematics platform? Your medical device calibration service? Testing reveals gaps before a real attack does.

The Bottom Line: IoT Security Is Business Security

The Intoxalock attack isn't a story about a breathalyzer company — it's a warning about the fragility of connected operations. As businesses increasingly depend on IoT and OT systems, the attack surface expands beyond your own network to include every vendor in your supply chain.

According to McKinsey & Company, the number of connected IoT devices worldwide will reach 30 billion by 2026, with enterprise applications representing the largest growth segment [9]. More connected devices mean more potential entry points for attackers.

The businesses that thrive in this environment won't be the ones with the fanciest security tools — they'll be the ones who understand their dependencies, vet their vendors, and plan for the worst.

Your connected devices make your business more efficient. Make sure they don't also make it more vulnerable.

FAQ

An IoT (Internet of Things) device is any physical object connected to the internet that can send or receive data. Examples include smart thermostats, security cameras, vehicle telematics systems, industrial sensors, and medical devices like the Intoxalock breathalyzer.

IoT refers to connected consumer and business devices, while OT (operational technology) refers to computing systems that control physical processes and machinery. Both can be cyberattack targets, but OT attacks often have more severe operational consequences because they directly affect physical systems.

Start by listing every system that connects to the internet or a cloud service: building controls, fleet management, industrial equipment, customer devices. Ask each vendor about their cybersecurity practices and incident response plans. If a system's failure would halt your operations, it's a critical dependency that needs attention.

Demand immediate information about the attack scope and recovery timeline. Activate your business continuity plan — manual workarounds, backup vendors, alternative processes. Document all losses for potential insurance claims or legal action. Communicate transparently with customers about delays.

Cyber insurance policies typically cover business interruption from third-party vendor attacks, but coverage varies widely. Review your policy for "dependent business interruption" clauses and exclusions. Some insurers offer specific IoT/OT endorsements. Work with a broker who understands operational technology risk.

References

[1] Z. Whittaker, "Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US," TechCrunch, 20 Mar. 2026. [Online]. Available: https://techcrunch.com/2026/03/20/cyberattack-on-vehicle-breathalyzer-company-leaves-drivers-stranded-across-the-us/

[2] Gartner, "Gartner Top Strategic Technology Trends for 2026," Gartner, 2025. [Online]. Available: https://www.gartner.com/en/information-technology/insights/top-technology-trends

[3] IBM Security, "Cost of a Data Breach Report 2025," IBM, 2025. [Online]. Available: https://www.ibm.com/reports/data-breach

[4] World Economic Forum, "The Global Risks Report 2025," WEF, 2025. [Online]. Available: https://www.weforum.org/reports/global-risks-report-2025

[5] National Institute of Standards and Technology, "Cybersecurity Framework 2.0," NIST, 2024. [Online]. Available: https://www.nist.gov/cyberframework

[6] Ponemon Institute, "2025 Third-Party Risk Study," Ponemon Institute, 2025. [Online]. Available: https://www.ponemon.org

[7] Tenable, "State of Third-Party Cybersecurity 2025," Tenable, 2025. [Online]. Available: https://www.tenable.com

[8] International Association of Privacy Professionals, "Vendor Risk Management Framework," IAPP, 2025. [Online]. Available: https://iapp.org

[9] McKinsey & Company, "The IoT Revolution: Opportunities and Challenges for Enterprises," McKinsey, 2025. [Online]. Available: https://www.mckinsey.com/business-functions/mckinsey-digital

This attack on Intoxalock shows how cyber risk extends beyond data theft to operational disruption. When your business depends on connected devices and cloud services, your vendor's cybersecurity problem becomes your business continuity problem. Don't wait for an outage to discover your single points of failure. Get a vendor risk assessment and continuity plan at consult.lil.business.

TL;DR

  • A company called Intoxalock makes breathalyzers that go in cars to check if drivers have been drinking alcohol
  • Hackers attacked Intoxalock's computers, which made the breathalyzers stop working properly
  • About 150,000 people across America couldn't start their cars because of this attack [1]
  • This story teaches us why we need to be careful with devices that connect to the internet
  • Businesses that use smart devices need backup plans in case something goes wrong

What Happened?

Imagine getting into your car, turning the key, and... nothing happens. The car won't start. You didn't do anything wrong. You didn't forget to put gas in it. You didn't leave the lights on all night.

Your car won't start because a computer inside it — a breathalyzer that checks if someone has been drinking alcohol — stopped working. And it stopped working because hackers attacked the company that makes these breathalyzers.

This is exactly what happened in March 2026 to about 150,000 people across 46 states in America [1]. Let's learn about it.

Related: What Is Ransomware? Explained Simply

What Is a Breathalyzer and Why Do Some Cars Have Them?

A breathalyzer is a device that checks if someone has been drinking alcohol. You blow into it, and it measures the alcohol on your breath.

Some cars have these devices installed. They're called ignition interlock devices. Before the car will start, the driver has to blow into the breathalyzer. If the device detects alcohol, the car won't start. These are typically put in cars after someone has been caught drinking and driving, as a way to make sure they stay safe on the road.

The company Intoxalock makes these breathalyzers. About 150,000 people use them every day in America [1].

What Did the Hackers Do?

The hackers didn't attack the breathalyzers directly. Instead, they attacked Intoxalock's computer systems — the computers that help the company manage these devices.

Here's what happened:

  1. Intoxalock has a big computer system that keeps track of all their breathalyzers
  2. Every few months, each breathalyzer needs to be "calibrated" — sort of like how you need to restart a phone sometimes to keep it working right
  3. The hackers attacked this computer system, making it stop working [1]
  4. Without this computer system working, the breathalyzers couldn't be calibrated
  5. When a breathalyzer needs calibration but doesn't get it, the car won't start

So suddenly, people all across America couldn't start their cars. They couldn't go to work. They couldn't go to school. They couldn't go to the doctor. Some people had cars parked at repair shops for a whole week, just waiting for the computer systems to be fixed [1].

Why This Matters: Everything Is Connected Now

This story teaches us something important about the world we live in.

A long time ago, things were simple. A lock was just a piece of metal. A car was just a machine. A thermometer was just a glass tube with liquid inside.

Today, all these things can connect to the internet:

  • Smart locks that you can unlock with your phone
  • Cars that can connect to the internet for GPS and music
  • Thermostats that you can control from anywhere
  • Refrigerators that can tell you when you're out of milk

These are called IoT devices — that stands for "Internet of Things." They're everyday objects that are connected to the internet.

When things are connected to the internet, they're convenient. But they can also have problems if someone attacks the computers they talk to.

Related: Why Your Smart Devices Need Protection

Think About It Like a House Key

Imagine your house key. It's a piece of metal. It works by fitting into a lock and turning. It doesn't need batteries. It doesn't need Wi-Fi. It just works.

Now imagine a "smart lock" — a lock that connects to the internet. You can unlock it with your phone. You can check if you remembered to lock the door when you're at school. Pretty cool, right?

But what if the company that makes the smart lock gets hacked? What if their computers stop working? Suddenly, you might be locked out of your own house. Or worse, someone else might be able to get in.

The old metal key? That can't be hacked.

This doesn't mean smart devices are bad. It just means we need to be smart about how we use them.

What Businesses Can Learn From This

If you have a business, you might use connected devices:

  • A store might have smart cameras
  • A factory might have machines connected to computers
  • A delivery company might track trucks with GPS
  • A doctor's office might use medical devices that connect to the internet

When you use these devices, you're depending on the companies that make them. If they get hacked, you have a problem.

This is why smart businesses:

  • Ask questions before buying connected devices: "What happens if your system goes down?"
  • Have backup plans: "If this device stops working, is there another way to do our job?"
  • Choose good companies: Work with businesses that take security seriously

What You Can Do to Stay Safe

You might not own a business yet, but you probably use connected devices. Here's how to stay safe:

  1. Know what's connected in your home. Does your TV connect to the internet? Your thermostat? Your toys?
  2. Use strong passwords for all your smart devices. Don't use "password123" — use something hard to guess!
  3. Update your devices when they ask for updates. Updates often fix security problems.
  4. Think about backups. If your smart lock stopped working, do you have a regular key hidden somewhere?

The Big Lesson

The Intoxalock attack isn't really about breathalyzers. It's about how much we depend on computers and the internet now, even for things that seem simple.

A hacker on the other side of the world can affect whether someone can drive their car to work in the morning. That's powerful, and it's a little scary.

But the more we understand about how these things work, the safer we can be. We can ask good questions. We can make smart choices. We can be ready if something goes wrong.

And that's what cybersecurity is all about: being ready, being careful, and staying safe in a connected world.

FAQ

Yes! In this case, hackers didn't attack the cars directly. They attacked the company's computer system that manages the breathalyzers. When that system stopped working, the breathalyzers couldn't be calibrated, and cars wouldn't start. It shows how connected everything is.

No! Smart devices can be really helpful and fun. The key is using them safely. Use strong passwords, keep them updated, and buy from companies that take security seriously. Think of it like wearing a helmet when you ride a bike — you're still being careful, but you can still have fun.

First, don't panic! Check if the device just needs to be restarted or updated. Look on the company's website to see if they're having problems. Tell an adult if it's something important like a lock or a security camera. Sometimes these things just have glitches — not everything is a hacker!

Sometimes hackers do it to make money. They might try to get the company to pay them to fix the problem. Sometimes they do it to cause trouble. And sometimes they do it to make a political point. We don't know why this particular attack happened — the company hasn't said yet.

Ask your teachers or parents about online safety. There are great websites like Cyber.org for Kids that teach cybersecurity basics. And you can always ask questions! Learning how things work is the first step to staying safe.

References

[1] Z. Whittaker, "Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US," TechCrunch, 20 Mar. 2026. [Online]. Available: https://techcrunch.com/2026/03/20/cyberattack-on-vehicle-breathalyzer-company-leaves-drivers-stranded-across-the-us/

Even simple devices can be affected by cyberattacks when they connect to the internet. Whether you're a kid with a smart toy or a business owner with connected equipment, understanding these risks helps you make safer choices. Want to make sure your business is using connected devices safely? Talk to the experts at consult.lil.business.

Ready to strengthen your security?

Talk to lilMONSTER. We assess your risks, build the tools, and stay with you after the engagement ends. No clipboard-and-leave consulting.

Get a Free Consultation