How a Dealership Chatbot Was Tricked Into Offering a Car for $1

The $1 Chevy Tahoe story shows how public-facing AI can be manipulated when controls are weak. Learn the key lessons for small business systems and chatbots.

Garry BloomGarry Bloom · Founder & Senior IT Manager
1 April 2026
5 min read
AIsecurity
PerthBusiness
ITSupportPerth
CyberSecurity

What happened

In December 2023, pranksters discovered that the AI chatbot on the Chevrolet of Watsonville website could be pushed off its intended role as a dealership assistant and manipulated into making absurd responses, including agreeing to sell a new 2024 Chevy Tahoe for $1. The incident became widely shared after screenshots circulated online, including prompts that got the bot to write Python code, recommend competitor vehicles, and accept the $1 offer language.

Business Insider reported that the chatbot was built by Fullpath, a company providing AI-powered marketing and sales software to dealerships, and that the vendor saw a sudden spike in traffic once people began testing and sharing jailbreak prompts. Fullpath then shut down the bot on that dealer’s site after the prank activity went viral.

Who was involved

Business Insider says Chris White, a musician and software engineer in California, helped kick off the viral attention by showing that the “powered by ChatGPT” bot would answer completely unrelated prompts, such as writing a Python script. A separate viral exchange involved Chris Bakke, who got the bot to state that a 2024 Chevy Tahoe could be sold for $1 and to phrase it as a “legally binding offer,” although reports also made clear that this was not actually treated as a binding sale by the dealership.

The AIAAIC incident record identifies the operator as Chevrolet of Watsonville and the developer as Fullpath. It also notes that the Tahoe involved was typically valued at over USD 76,000.

Why it worked

The core issue was not classic code injection into the dealership’s backend, but prompt injection or “jailbreaking” of a general-purpose AI assistant that lacked strong guardrails for a narrow business task. According to the AIAAIC write-up, the bot remained capable of doing off-task things like coding or negotiating because it behaved too much like a broad chatbot rather than a tightly controlled dealership tool.

AIAAIC also says the system lacked a proper sanity check, such as a hard price floor or stronger decision controls, so users could steer the conversation into outputs that no real sales system should have been allowed to produce. Business Insider similarly reported that people spent hours trying to get the bot to misbehave, and while many attempts failed, enough worked to create a public embarrassment.

What happened next

The dealership did not honour the $1 price, but the episode still caused reputational damage and forced the customer service tool offline. AIAAIC also says the viral prank led to a large volume of API-driven interactions, creating extra processing costs for the dealership because of the spike in chatbot usage.

Fullpath told Business Insider it used the incident to improve the bot and argued that most real customers used it normally for practical dealership questions. Still, the story became a widely cited example of why customer-facing AI needs strict boundaries before being trusted in live commercial workflows.

Post-ready version

In late 2023, a Chevrolet dealership chatbot was manipulated into agreeing to sell a new Chevy Tahoe for $1 after users discovered they could steer the AI far outside its intended role.

That’s what makes this story useful for business owners: the issue wasn’t someone “hacking” the car dealership in the movie sense, it was a public-facing AI system being trusted to handle conversations without enough controls. When bots can be pushed into bad outputs, the risk is not just embarrassment, it’s bad information, broken customer trust, and systems being abused in ways the business never expected.

Garry Bloom
Written by
Garry Bloom
Founder & Senior IT Manager · 25+ years in IT

Garry founded Computer Mechanics — the business behind IT Support Perth — in 1997. With more than 25 years in IT management and support across internal and external service environments, he leads the team's technical direction and its cybersecurity and managed-IT strategy for Perth businesses.

Meet the IT Support Perth team →
Garry Bloom
1 April 2026
5 min read
AIsecurity
PerthBusiness
ITSupportPerth
CyberSecurity

Stay Updated with IT Insights

Get the latest cybersecurity tips and technology insights delivered to your inbox

Related Articles

4 IT Gaps Small Businesses Overlook (and How to Close Them)

Most Perth businesses aren't undone by one huge disaster — it's the small IT gaps that stack up: missing MFA, delayed patching, old access nobody removed, and untested backups. Here's how teams under 50 users can close them. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

How to Safely Offboard an Employee (and Protect Your Company Data)

When a staff member leaves, their access is a security risk until it's properly closed off. A practical Perth-business checklist for offboarding an employee without losing data or leaving a door open. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

5 Signs Your Business Has Outgrown Your Current IT Guy

One trusted 'IT guy' works — until it doesn't. Here are five clear signs a Perth business has outgrown break-fix IT and needs a proper managed IT team. From Computer Mechanics, Perth IT specialists since 1997.

5 min read

Need Expert IT Support?

Get personalized advice from our Perth IT experts. Free consultation available.

Related Content

Continue Reading

Explore more insights and expert advice on IT support, cybersecurity, and digital transformation

What Not to Do With AI Agents: 7 Mistakes Perth Businesses Should Avoid in 2026
AI
AI_agents

What Not to Do With AI Agents: 7 Mistakes Perth Businesses Should Avoid in 2026

Thinking about using AI agents in your Perth business? Avoid these 7 common mistakes: lack of goals, no guardrails, over-trusting outputs, and more.

5 min read
6/5/2026
Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.
CyberSecurity
ITSupportPerth

Your Messages Are "Encrypted" — But the FBI Just Read Them Anyway. Here's What Every Perth Business Needs to Know.

Most small business owners believe end-to-end encryption means their messages are completely private. A recent FBI case proves that assumption is dangerously incomplete.

5 min read
4/15/2026
What’s new in SMB1001:2026?
SMB1001
SMB10012026

What’s new in SMB1001:2026?

SMB1001:2026 updates for Perth SMBs: Mandatory DMARC from Silver tier, 5 maturity levels, Essential Eight alignment. Get certified, cut insurance costs, win tenders—start your roadmap today!

5 min read
2/25/2026