Elon Musk’s electric vehicle giant, Tesla, recently issued notifications about a security breach to those impacted. Documents submitted to the Maine Attorney General indicate that a total of 75,735 individuals had their data compromised in what Tesla labeled as an “internal malfeasance.”
In May 2023, Tesla was alerted by the German financial daily, Handelsblatt, that it was in possession of the company’s sensitive data. Tesla’s correspondence clarifies that the publication had no intentions of releasing any personal details.
Further investigations by Tesla found that two of its ex-employees had breached company policy by unlawfully acquiring and distributing this data to the newspaper. The data leak primarily consisted of personal details of both current and past Tesla employees, which includes names, residential addresses, contact numbers, and email IDs. There’s also an indication that Social Security numbers might have been part of the leaked data.
Also Read: Is Biometric Data Truly Safe? Think Again.
As a remedial measure, Tesla has pledged to offer complimentary identity theft protection to all those affected by this breach.
In the same month, an alleged whistleblower supplied Handelsblatt with a massive 100 GB dataset. This data reportedly included numerous customer grievances regarding Tesla’s Full Self Driving (FSD) functionalities.
Subsequent to acquiring this data, the German publication ran a sequence of reports delving deep into Tesla’s internal procedures, ranging from challenges with the FSD to directives advising staff against recording any complaints in writing.
Although Tesla’s breach notification doesn’t explicitly connect the two data leaks, the coincidental timing and the involvement of the same German publication make the incidents appear interconnected.
Tesla has taken stern actions in response: “We’ve initiated legal actions against the two ex-employees in question. This led to the confiscation of electronic gadgets believed to hold the leaked Tesla details. We’ve also secured judicial mandates barring these former staff members from any further handling, accessing, or sharing of the compromised data, with severe legal consequences for non-compliance,” stated the breach notification from Tesla.
It’s worth noting that this isn’t Tesla’s first brush with whistleblower-related incidents. Back in 2019, as reported by Bloomberg, the firm, under Musk’s supervision, took unusual steps in handling a whistleblower, which drew significant attention.