The thing is that so far they have used the wifi to access only the functions that the wifi system is meant to have access to, those functions are supposed to be limited to the owner so yeah theres a security issue there, a mitm attack it reads like.
but. It doesn't give access to anything terribly exciting, or dangerous. "oooh scary they can drain the drive battery" (by activating the pre-heater), it's a hybrid, it has a petrol engine, that battery drain could cost you whole pennies in extra fuel on your journey. sigh.
If your going to freak out about security then the keyless door entry would be the more tempting attack vector, the old "use a signal booster to unlock the car" trick, then you have access to the OBDII port directly and could maybe cause some real problems.