Tesla’s Internal Data Exposed: A Look into the Recent Security Breach

Reading Time: ( Word Count: )

August 22, 2023
Nextdoorsec-course

Elon Musk’s electric vehicle giant, Tesla, recently issued notifications about a security breach to those impacted. Documents submitted to the Maine Attorney General indicate that a total of 75,735 individuals had their data compromised in what Tesla labeled as an “internal malfeasance.”

In May 2023, Tesla was alerted by the German financial daily, Handelsblatt, that it was in possession of the company’s sensitive data. Tesla’s correspondence clarifies that the publication had no intentions of releasing any personal details.

Further investigations by Tesla found that two of its ex-employees had breached company policy by unlawfully acquiring and distributing this data to the newspaper. The data leak primarily consisted of personal details of both current and past Tesla employees, which includes names, residential addresses, contact numbers, and email IDs. There’s also an indication that Social Security numbers might have been part of the leaked data.

Also Read: Is Biometric Data Truly Safe? Think Again.

As a remedial measure, Tesla has pledged to offer complimentary identity theft protection to all those affected by this breach.

Tesla's Internal Data Exposed

In the same month, an alleged whistleblower supplied Handelsblatt with a massive 100 GB dataset. This data reportedly included numerous customer grievances regarding Tesla’s Full Self Driving (FSD) functionalities.

Subsequent to acquiring this data, the German publication ran a sequence of reports delving deep into Tesla’s internal procedures, ranging from challenges with the FSD to directives advising staff against recording any complaints in writing.

Although Tesla’s breach notification doesn’t explicitly connect the two data leaks, the coincidental timing and the involvement of the same German publication make the incidents appear interconnected.

Tesla has taken stern actions in response: “We’ve initiated legal actions against the two ex-employees in question. This led to the confiscation of electronic gadgets believed to hold the leaked Tesla details. We’ve also secured judicial mandates barring these former staff members from any further handling, accessing, or sharing of the compromised data, with severe legal consequences for non-compliance,” stated the breach notification from Tesla.

It’s worth noting that this isn’t Tesla’s first brush with whistleblower-related incidents. Back in 2019, as reported by Bloomberg, the firm, under Musk’s supervision, took unusual steps in handling a whistleblower, which drew significant attention.

Saher Mahmood

Saher Mahmood

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
How Often Should Penetration Testing Be Done

How Often Should Penetration Testing Be Done

Penetration testing is a crucial technique that involves simulating a cyberattack on networks, computer systems, ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *